For Most Organizations, the Full Capabilities of Security Automation Are Still UntappedModern security threats come in many different forms, which is part of the reason why addressing them is so challenging and there is a dire need for security automation. But despite recent advancements, the barriers to adoption for automation software remain high, particul

At the behest of the U.S. government, German authorities have seized a computer server that hosted a huge cache of files from scores of U.S. federal, state and local law enforcement agencies obtained in a Houston data breach last month.The server was being used by a WikiLeaks-like data transparency collective called Distributed Denial of Secrets to share doc

Learn about SteganographyExplore how cryptographic hashing, stenography and other techniques are used to hide data.This skills course covers⇒ Steganography⇒ Cryptographic hashes⇒ And moreStart your free trialIn the past few years, the term “steganography” has attracted the attention of law enforcement agencies. This technique has been used by hackers t

Renewable energy company EDP Renewables North America (EDPR NA) has started informing customers that its internal systems were breached by cybercriminals.EDPR NA is part of energy provider EDP Renováveis, which is headquartered in Madrid, Spain, and is a subsidiary of Energias de Portugal, the electric utilities company founded in 1976 by the government of P

In this video, Senior Incident Response & Research Consultant Scott Nusbaum demonstrates a method to extract and deobfuscate code from a malicious document. Upon rendering the code readable, Nusbaum works to gain an understanding of the goals the malware was attempting to accomplish and the processes by which it undertook that effort. This video

The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A.The company has confirmed that it was hit with a cyberattack without providing specific information on the type of compromise, but AppGate’s security researchers, who have obtained a sample of the malware believ

China on Wednesday demanded Washington stop “oppressing Chinese companies” after U.S. regulators declared telecom equipment suppliers Huawei and ZTE to be national security threats.The Federal Communications Commission on Tuesday blocked the Chinese vendors from receiving subsidies from a government fund, stepping up efforts to limit their access to the U.S.

Over the last several months, I’ve noticed something when discussing Incident Response (IR) with clients. There is often confusion between the expectation and reality concerning the end results of an IR investigation. My goal here is to clarify and set those expectations, and to show how Threat Hunting factors in. When TrustedSec gets called to conduct an

Australia unveiled the "largest-ever" boost in cybersecurity spending Tuesday, days after Prime Minister Scott Morrison spoke out about a wave of state-sponsored attacks suspected to have been carried out by China.Morrison and government officials said the country would spend an additional Aus$1.35 billion ($928 million) on cybersecurity, around a 10 percent

The Ponemon Institute just released its annual “The Cyber Resilient Organization” report, sponsored by IBM Security. In its fifth year, this study takes an in-depth look at organizations’ ability to prevent, detect, contain and respond to cyberattacks. The report examines changes in cyber resilience and identifies approaches and best practices organizations

Late last week, the University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack earlier this month.The incident happened on June 1 and UCSF said that it was able to contain it quickly after discovery, though not before certain systems were affected.IT systems

A data breach has impacted Maine State Police’s information sharing database for federal, state and local law enforcement officials, the agency confirmed late Friday.State police say they were notified on June 20 by Netsential that a data breach may have included information from the Maine Information and Analysis Center, or MIAC.The agency has contracted th

Australian beverage company Lion says it has found no evidence that hackers have stolen information from its systems, but the hackers claim they have and are threatening to leak it unless the company pays up.Lion, a major supplier of beer and milk in Australia and New Zealand, revealed earlier this month that manufacturing processes and customer service were

The cybercriminals behind the ransomware known as Maze claim to have breached the systems of LG Electronics and obtained highly sensitive information.The operators of the Maze ransomware are known for targeting major organizations and not only encrypting their files, but also stealing files and threatening to make them public unless a ransom is paid.The hack

Akamai on Thursday revealed that it mitigated a second record-setting distributed denial-of-service (DDoS) attack since the beginning of June, one that peaked at 809 MPPS (million packets per second).Earlier this month, the company shared details on the mitigation of a 1.44 TBPS (terabits per second) DDoS assault that reached 385 MPPS at its peak, but the mo