Threat Detection

2023 Top Routinely Exploited Vulnerabilities | Threat SnapShot

On November 12, 2024, a joint cybersecurity advisory was released by agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom. This advisory highlights the **top routinely exploited vulnerabilities of 2023**, offering insights into persistent threats and the measures organizations can take to protect themselves.

Reduce time to triage by up to 50% with Corelight's new Guided Triage capability

Security Operations Centers (SOCs) are under immense pressure to ensure no attack goes unnoticed. At Corelight, we’re being approached daily to help bring in network visibility. For many though, visibility isn’t enough. SOCs are already overloaded and Tier 1 Analysts often lack network expertise. Modern network visibility has to be easy to use and designed for maximizing SOC efficiency. For that, we built Guided Triage.

Going Rogue: APT29 Using Rogue RDP | Threat SnapShot

In 2022, Microsoft began blocking macros originating from the internet in Office, pushing both pentesters and threat actors to explore new methods for initial access. Fast forward to October 2024, and APT29 is leveraging one of those methods, Rogue RDP, first discovered as a workaround back in 2022. In this video, we dive into a recent spearphishing campaign uncovered by the Ukrainian CERT, where attackers used Rogue RDP to gain initial access to targets. This video will provide you with practical detection opportunities that can be used to hunt for this activity in your environment.

Leveraging Custom IOC Feeds for Enhanced Threat Detection

Indicators of Compromise (IOCs) are vital components in cybersecurity, representing digital clues or evidence that signal a potential security breach or malicious activity in a computer system or network. Think of them as the fingerprints left behind by cybercriminals during or after a cyber-attack. Examples of common IOCs are: Security teams use IOCs as red flags to identify and mitigate threats before they cause significant damage.

The Role of Cloud Computing in Enhancing Cybersecurity

Cloud computing revolutionizes how organizations approach data security and threat prevention. The transformation of traditional security measures into cloud-based solutions marks a significant shift in protecting sensitive information and maintaining business continuity.

Adding runtime threat detection to Google Kubernetes Engine with Falco

One of the big advantages of running your workloads on a managed Kubernetes service like Google Kubernetes Engine (GKE) is that Google ensures your clusters are being deployed and managed following industry best practices. While GKE clusters are incredibly secure and reliable, there is always room for improvement. In this blog, we’re going to describe how you can enhance GKE’s already great security by adding runtime threat detection with Falco.

Strategies for Implementing Effective Threat Detection in IIoT

The industrial Internet of Things (IIoT) is growing rapidly. While that’s good news for businesses in terms of productivity and cost savings, these devices carry unique cybersecurity risks that demand attention. Amid such rising concerns, IIoT threat detection is a must.