Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2024

GrimResource: Arbitrary Code Execution via Malicious MSC file | Threat SnapShot

Jun 30, 2024 By SnapAttack In SnapAttack
Discover how to detect the GrimResource attack, a novel code execution technique leveraging Microsoft Management Console (MMC) files. This threat snapshot video breaks down Elastic Security Labs' research on this stealthy initial access vector that evades common defenses. Key points covered: Learn practical steps to protect your systems against this emerging threat. *Subscribe to SnapAttack for more in-depth analyses and real-world applications of cybersecurity defenses.*
View Video
indusface

10 Botnet Detection and Removal Best Practices

Jun 28, 2024 By Venkatesh Sundar In Indusface
If your device suddenly behaves like a re-animated zombie, it might be under a botnet attack. Botnet attacks, also known as zombie armies, involve hijacking internet-connected devices infected with malware, controlled remotely by a single hacker. These attacks can reach immense scales, as demonstrated by an incident where 1.5 million connected cameras were exploited to overwhelm and take down a journalist’s website.
Read Post
CrowdStrike

Seeing the Unseen: Preventing Breaches by Spotting Malicious Browser Extensions

Jun 27, 2024 By Bei Wang - Hari Holla - Keyauri Kendrick - Kamil Imtiaz In CrowdStrike
As workforce productivity increasingly depends on web-based applications, browsers have become essential gateways to the “connectivity economy.” According to recent data, 93% of desktop internet traffic in 2023 traversed through four popular web browsers.
Read Post
Corelight

Splunk .conf24 reflections - Federated data, resilience, and a parade of fezzes

Jun 26, 2024 By Allen Marin In Corelight
Fresh from the recent.conf24 user conference in fabulous Las Vegas, I thought I’d share what I thought were some of the key points throughout the week. Along with admiring the traditional display of fezzes and capes throughout the week, we were excited about the great conversations with our customers, business partners, Splunkers, and, of course, the lovely Buttercup.
Read Post
CrowdStrike

3 Crucial Capabilities for Effective Cloud Detection and Response

Jun 24, 2024 By Brett Shaw In CrowdStrike
Adversaries are increasingly attacking cloud environments, as evidenced by a 75% surge in cloud intrusions year-over-year in 2023. They are also getting faster: The fastest breakout time was clocked at just over 2 minutes, according to the CrowdStrike 2024 Global Threat Report. Today’s adversaries are outpacing legacy security approaches. Disjointed point solutions can’t scale or provide visibility into a rapidly growing attack surface.
Read Post
graylog

Destructive Malware: Threat Detection and Incident Response

Jun 20, 2024 By The Graylog Team In Graylog
Imagine that you have a snack you want to eat while watching a movie on a Friday night. You look in your kitchen, only to find the snack missing. Whether a roommate hid the snack or ate it, you no longer have access to it, disrupting your evening plans. This destructive behavior interrupts your weekend objectives, but it’s pretty low stakes overall.
Read Post
securitysenses

The Future of Endpoint Protection: AI and Predictive Security

Jun 14, 2024 By SecuritySenses In SecuritySenses
Traditional security measures, while essential, are often reactive, scrambling to respond to attacks after they've occurred. Endpoint protection stands as a critical line of defense against an increasingly sophisticated array of cyber threats. Its future lies in proactive, intelligent solutions that leverage the power of AI and predictive security to anticipate and prevent threats before they can cause harm.
Read Post
securitysenses

The Importance of Cyber Security Services in Today's Digital Landscape

Jun 14, 2024 By SecuritySenses In SecuritySenses
In the digital age, where almost every aspect of our lives is intertwined with technology, ensuring the security of our online presence has never been more critical. Cyber security services play a pivotal role in protecting sensitive information from cyber threats, making them indispensable for both businesses and individuals. But what exactly are cyber security services, and why are they so important?
Read Post

Microsoft Recall: Detecting Abuse | Threat SnapShot

Jun 14, 2024 By SnapAttack In SnapAttack
You've probably heard of Microsoft's new Recall feature by now. It's a info stealer's dream come true. There has been a lot of information release about how this new feature is a security nightmare and how it works. But today we are going to dig in and discover how to actually detect abuse of this new feature.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.