Stories from the SOC Webinar 24-04-24
Our latest webinar, with Brad Freeman, Director Technology, at SenseOn explores Stories from our SOC: Threat mitigation and unveiling success stories. In this 40-minute webinar.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
April 29 2024 Cyber Threat Intelligence Briefing
This weeks' briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
Zombie Leaks: Unrevoked Secrets Lurking on GitHub
Don't let zombies haunt your security posture.
What is MFA bombing? Apple users were targeted using this phishing technique
Some Apple users have reported phishing attacks using the password reset feature.
All-in-1 Solution for Kubernetes Cluster Backup, Migration, and DR on Azure & Azure Arc
CloudCasa enhances Kubernetes data protection, simplifying backups, recovery, and migrations across cloud platforms like GCP, AWS, and Azure. Learn about our one-touch solution for cluster backup, migration, replication, and disaster recovery, ensuring your applications are resilient and compliant. Dive into our visual guide on operational continuity with edge devices and more.
What Are Zero Standing Privileges?
Zero Standing Privileges (ZSP) is a Privileged Access Management (PAM) strategy in which organizations limit access to sensitive data by removing all permanent user access. It requires users to request specific access to resources needed to complete a task. However, instead of granting users continuous access, ZSP will grant them temporary access until the task is complete.
Targeted Smishing Attacks by Threat Group "The Com" On The Rise
Cyber activity by the group "The Com," which leverages (SIM) swapping, cryptocurrency theft, swatting, and corporate intrusions, is increasing. Security researchers at Intel471 have published an analysis of the threat group, “The Com” (short for “The Community”), providing details about their targets and tactics. Operating mostly from Canada, the U.S.
The Art of Huh?
One of the best things you can teach yourself, your family, and your organization is how to recognize the common signs of phishing and how to mitigate and appropriately report it. Phishing messages can have many different looks, traits and narratives. What worked yesterday for the attackers eventually becomes blocked, recognized, and less profitable, and they move on to different tactics.
Why There's No Such Thing As a Low-Cost SIEM
Staff time, log processing, and legacy issues can turn free, open-source or low-cost SIEMs into one of your organisation's most expensive investments. You're not alone if you're baulking at the idea of paying upwards of tens of thousands of pounds for a new or renewed SIEM licence. Many security decision-makers feel the same way. One survey showed that almost half (40%) of existing SIEM users feel like they are overpaying for their SIEM.
What Goes Into the Cost of a SIEM?
As we've covered before, SIEMs are an expensive tool. The average enterprise-level SIEM deployment costs over £15 million a year, and operating a small, 100 to 1000-seat SIEM will still run up bills of over £10k monthly. SIEMs create spiralling costs that eat security budgets. Without a skilled team operating them, they can also make organisations less secure despite receiving more information about their digital estates. But where do these SIEM costs come from?