Getting Started With Threat-Informed Security Programs
Security leaders need to examine their business model, document risks, and develop a strategic plan to address those risks....
Zero Trust and Access: Protecting the Keys to the Kingdom
Zero trust moves the control pane closer to the defended asset and attempts to tightly direct access and privileges....
In the Fight Against Cybercrime, Takedowns Are Only Temporary
Disrupting access to servers and infrastructure continues to interfere with cybercrime activity, but it's far from a perfect strategy....
22 cybersecurity statistics to know for 2022
As we usher in the New Year, let’s take a look at some statistics that will help you stay up-to-date on recent cybersecurity trends The post 22 cybersecurity statistics to know for 2022 appeared first on WeLiveSecurity
New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping Attacks
A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out (iLO) server management technology to carry out in-the-wild attacks that tamper with the firmware modules and...
Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution
A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and...
Episode 233: Unpacking Log4Shell’s Un-coordinated Disclosure Chaos
In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote...
Why Cyber Due Diligence Is Essential to the M&A Process
That announcement may feel good, but if your prospective acquisition's cybersecurity levels are substandard, it might be best to hold off....
Ongoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics
An ongoing crypto mining campaign has upgraded its arsenal while adding new defense evasion tactics that enable the threat actors to conceal the intrusions and fly under the radar, new research...
New Apache Log4j Update Released to Patch Newly Discovered Vulnerability
The Apache Software Foundation (ASF) on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could be abused by threat actors to run malicious code...