Ransomware preparedness is low despite executives’ concerns
86.7% of C-suite and other executives say they expect the number of cyberattacks targeting their organizations to increase over the next 12 months, according to a recent …
threat hunting
Attackers rapidly adopting new techniques to target users
Zix announced the release of a report which finds attackers are rapidly adopting new techniques to target users. “Cybercrime is exploding in 2021 and if there is anything that …
50% of cybersecurity attacks are from repeat offenders
Lack of awareness and gaps in knowledge are a weak link for cybersecurity leadership who are responsible for strategic planning of cybersecurity defenses, leaving …
Reformulating the cyber skills gap
Despite a positive (and significant) decrease from over 4 million unfilled cybersecurity jobs in 2019, there is still a staggering 3.12 million global shortage of workers with …
What happens after a malicious email reaches employees’ inboxes?
On average, it takes three and half days (83 hours) from the moment a malicious email attack lands in an employees inbox, to when it is discovered by a security team or …
Detecting attackers obfuscating their IP address inside AWS
Security researchers have documented an attack technique that may allow attackers to leverage a legitimate Amazon VPC feature to mask their use of stolen API credentials …
Cyber investigations, threat hunting and research: More art than science
While it’s true that threat hunting, incident response, and threat research all have their foundations in science (operating system theory and architecture, computer language …
Sophos XDR: Threat hunting through the entire security ecosystem
Almost a decade ago, ransomware started becoming a prominent consumer problem, locking computers and threatening users with fines and jail time for supposedly downloading …
Why threat hunting is obsolete without context
Cybersecurity is an undisputed concern within any industry – but how are organizations and businesses using the security data and information they collect to best ensure their …
Be a “dumbass”, like some of the world’s best cyber investigators
One of my closest friends in the cybersecurity industry has had a second-to-none career path. While in the employ of an industry leader in incident response, he was …
MythBusters: What pentesting is (and what it is not)
You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security …
Advice for aspiring threat hunters, investigators, and researchers from the old town folk
There’s a big cohort of security geeks who joined the industry around the turn of the millennium by either landing “infosec” jobs or, quite frequently, just by making infosec …
