Alert triage can be a very cumbersome and time consuming process for SOC teams. Our recent State of Security report found that 26% of respondents agree that the volume of alerts they deal with makes it difficult to keep up with addressing emergencies. While tools like virtual sandboxes can help analysts better test and understand the severity of the threats they encounter, the process of testing and documenting results can add further tedium to an already prolonged process.

The cybersecurity world is no doubt aware that the National Vulnerability Database (NVD) has been experiencing issues over the last three months.

Read also: MIT brothers charged with a $25M crypto theft, BreachForums hacking forum seized, and more.

With economic sanctions being levied by the US against Iran and a trade war heating up with China, some security experts are cautioning that attacks targeting US critical infrastructure may be inevitable. Are electric utilities prepared to defend themselves and their facilities against these attacks?

AWS WAF, a widely used security tool from Amazon Web Services, is a web application firewall designed to safeguard web application servers against various online threats. The tight integration of AWS WAF with key AWS services, including Amazon CloudFront CDN, Application Load Balancer (ALB), and Amazon API Gateway, ensures a comprehensive security approach. AWS WAF can also protect services offered by other providers as long as the content is delivered via the CloudFront distribution network.

Spring cleaning is no longer just about spotless windows and gleaming floors. In the digital age, businesses need to consider the clutter accumulating in their virtual filing cabinets too. A corporate digital spring cleaning can breathe new life into your organization’s online presence and data management practices.

Cyber resilience is becoming increasingly complex to achieve with the changing nature of computing. Appropriate for this year’s conference theme, organizations are exploring “the art of the possible”, ushering in an era of dynamic computing as they explore new technologies. Simultaneously, as innovation expands and computing becomes more dynamic, more threats become possible – thus, the approach to securing business environments must also evolve.

Rapid7 reports an interesting social engineering scheme that easily bypasses content filtering defenses and creatively uses a fake help desk to supposedly “help” users put down the attack. The Black Basta ransomware group, also covered in a recent CISA warning bulletin, floods a victim’s email inbox with many, many emails. The emails are often otherwise legitimate emails, such as newsletter confirmation emails, which most email content filtering gateways would not block.

Law enforcement agencies worldwide have coordinated to take down one of the world’s largest hacker forums, scoring a victory against cybercrime. BreachForums, a notorious marketplace for stolen data, was seized by the authorities on Wednesday, according to a message on its website.

As technology becomes more complex, the need for strong cybersecurity measures has never been more critical. Statistics speak for themselves – according to the 2023 Annual Data Breach Report, the world has seen a 78 percent increase in 2023 in data compromises compared to the previous year. The reasons can be different – from human mistakes and ransomware to security misconfigurations.