Latest analysis into the wiper malware that targeted dozens of Ukrainian agencies earlier this month has revealed "strategic similarities" to NotPetya malware that was unleashed against the country's infrastructure and elsewhere in 2017. The malware, dubbed WhisperGate, was discovered by Microsoft last week, which said it observed the destructive cyber campaign targeting … [Read more...] about Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on Ukraine
News
Podcast Highlights: Data Radicals – insideBIGDATA
Alation Inc., a leader in enterprise data intelligence solutions, announced the debut of its podcast, “Data Radicals.” Hosted by Satyen Sangani, CEO and co-founder of Alation, “Data Radicals” is a show for business, data, and technology enthusiasts who seek to enable individuals and organizations to use data in powerful ways. The podcast kicks off with the first 5 episodes … [Read more...] about Podcast Highlights: Data Radicals – insideBIGDATA
2021 Global Attitude Survey Takeaways
The results from the 2021 Global Security Attitude Survey paint a bleak picture of how organizations globally are feeling about the cybersecurity landscape before them. Organizations are grappling with shortages of cybersecurity skills and a lack of capability to detect and contain intrusions in a timely way. This comes against a backdrop of persistent ransomware attacks, the … [Read more...] about 2021 Global Attitude Survey Takeaways
Relevant and Extended Detection with SecureX, Part Three: Behaviour-Based Detections with Secure Network Analytics
In part one of this Relevant and Extended Detection with SecureX series, we introduced the notion of risk-based extended detection with Cisco SecureX – the idea that a user can prioritise detections into incidents based on their idea of what constitutes risk in their environments and then extend those detections with enrichments from other products. In subsequent posts we are … [Read more...] about Relevant and Extended Detection with SecureX, Part Three: Behaviour-Based Detections with Secure Network Analytics
Log4J Does What?!!! | Logz.io
You have probably heard of Log4Shell, the security vulnerability that has ‘earned’ itself an NIST rank of 10:Source: https://nvd.nist.gov/vuln/detail/CVE-2021-44228In this post I will show a really basic example of how this vulnerability actually works. I will walk you through some basic usage of the Log4J library and then show how some fairly basic inputs into this library can … [Read more...] about Log4J Does What?!!! | Logz.io
2022 Trends in Semantic Technologies: Humanizing Artificial Intelligence
Not long ago, semantic technologies were considered a taboo, almost esoteric branch of data management that few people talked about or openly admitted to using. Today, with the burgeoning popularity of knowledge graphs (ubiquitous in solutions spanning everything from data preparation to analytics) and the increasing ascendance of neuro-symbolic Artificial Intelligence … [Read more...] about 2022 Trends in Semantic Technologies: Humanizing Artificial Intelligence
Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the "most advanced UEFI firmware implant discovered in the wild to date," adding "the … [Read more...] about Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
CrowdStrike Powers MXDR Services by Deloitte
Deloitte, a leader in managed security services, has launched MXDR by Deloitte — a Managed Extended Detection and Response suite of offerings — within which the CrowdStrike Falcon® platform will power a number of solutions. MXDR by Deloitte combines an integrated, composable and modular managed detection and response SaaS platform with managed security services in a unified … [Read more...] about CrowdStrike Powers MXDR Services by Deloitte
How to Use MPLogs for Forensic Investigations
In an incident response investigation, CrowdStrike analysts use multiple data points to parse the facts of who, what, when and how. As part of that fact-finding mission, analysts investigating Windows systems leverage the Microsoft Protection Log (MPLog), a forensic artifact on Windows operating systems that offers a wealth of data to support forensic investigations. MPLog has … [Read more...] about How to Use MPLogs for Forensic Investigations
Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers
An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could have been exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said … [Read more...] about Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers