HackDig : Dig high-quality web security articles for hackers

The best test for an EDR solution is one that works for you

Since its inception, the endpoint detection and response (EDR) market has evolved rapidly with new innovations to better address the cyber landscape and meet customers’ needs for an effective and simple solution that just works. But finding something that just works means something quite different for every business, depending on their size, security expe
Publish At:2020-05-28 16:55 | Read:494 | Comments:0 | Tags:Awareness Explained Opinion Security world alert fatigue aut

SANS 2019 Incident Response Survey: Successful IR Relies on Visibility

During the past year, we have witnessed significant data breaches that have impacted industries ranging from hospitality to legal to social media. We have seen a continuation of financially motivated threats, such as business email compromise (BEC), which continue to plague corporate bank accounts. Ransomware has brought multiple cities, schools and universi
Publish At:2020-02-26 02:05 | Read:851 | Comments:0 | Tags:Featured Articles Incident Detection BEC containment detecti

How to detect Kubernetes vulnerability CVE-2019-11246 using Falco.

A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could lead to a directory traversal, allowing a malicious container to replace or create files on a user’s workstation. This vulnerability stemmed from an incomplete fix of a previously disclose
Publish At:2019-10-18 04:35 | Read:1465 | Comments:0 | Tags:Falco cve Detection Vulnerability

Securing the Modern Endpoint the SANS Maturity Way

In Case You Missed It: Bromium recently engaged in a series of communications and events on the topic of Securing the Modern Endpoint, covering timely and provocative concepts including: How detection consistently fails to secure the enterprise and why new thinking is desperately needed; How to realign your defenses around a modern threat risk model using few
Publish At:2017-10-30 17:15 | Read:5519 | Comments:0 | Tags:Threats case study data sheet defenses detection endpoint mo

Protecting Legacy Applications from Attacks with Modern Hardware Isolation

Legacy applications are integral to most businesses and are heavily relied upon in the public sector. Many legacy applications were written in a time when security was much less of a concern than today. Isolation is the only solution that can absolutely eliminate kernel-level exploits and malware escapes. Detection is obsolete and the future of cybersecurity d
Publish At:2017-09-11 10:00 | Read:4437 | Comments:0 | Tags:Company News detection Isolation legacy legacy apps Micro-VM

Virtualization-Based Security is Helping Security Professionals Relax

Virtualization’s continued journey across the enterprise led inevitably to security. Enhanced security benefits using virtualization are powerful and compelling. Virtualization takes the security responsibility off users and delivers control to IT. Detection-based security doesn’t work. It’s an exhausted concept. The battle’s been waged for 30 years and the c
Publish At:2017-08-03 12:45 | Read:4352 | Comments:0 | Tags:Innovation cybersecurity detection intelligence management p

Breachless Threat Intelligence: A Pain-Free Approach to CyberSecurity

Enterprises need a steady stream of actionable, timely, and accurate threat intelligence on targeted malicious intrusions and attempts into their networks. They need this information without suffering breaches and cannot rely solely on post-compromise forensics or sandbox simulations to continuously tighten and adapt their defenses. Pre-breach targeted intell
Publish At:2017-07-17 06:40 | Read:4479 | Comments:0 | Tags:Innovation breach breachless detection disposable Forensics

See Our Threat Analysis of University College London Ransomware Attack

Ransomware has hit the news again in the UK today only a few short weeks since the WannaCry outbreak crippled the National Health Service. This time University College London (UCL) was hit by a ransomware strain which has resulted in them having to take down parts of their network to stop infected machines harming key university data. Credit to UCL for what
Publish At:2017-06-16 17:15 | Read:5963 | Comments:0 | Tags:Breaking News Threats analysis anti-virus browsing cause det

As Vendors Talk WannaCry, We Want You to Know What You Can Expect from Bromium

As WannaCry went nuts last week and everyone moved quickly to support one another, we all moved on our best intelligence at the time. Because most ransomware is typically delivered via email, website or file, we worked with our customers to make sure their endpoints were protected. One week later, I wanted to take a moment to be absolutely transparent about
Publish At:2017-05-20 10:20 | Read:5379 | Comments:0 | Tags:Company News breach crypto-malware detection enterprise Isol

Deception as a {Free} Post-Breach Detection Tool

Clifford Stoll’s interesting story of stalking the wily hacker back in the 80s was probably the first time deception was used for catching a hacker. Since then, the technology has changed a lot, but the concept of honeypots and deception in general has remained the same. Despite the undeniable and important role that honeypots have in proactive defense st
Publish At:2017-03-08 04:10 | Read:4920 | Comments:0 | Tags:Featured Articles IT Security and Data Protection breach det

DOE Awards $34M in Funding to Help Bolster Power Grid Security

The United States Department of Energy (DOE) has awarded $34 million in funding for projects aimed to protect the U.S. power grid against digital attacks. The 12 projects are still awaiting congressional approval. If given the green light, they will proceed across nine states through the Energy Reliability’s Cybersecurity of Energy Delivery Systems (CEDS) prog
Publish At:2016-08-18 00:35 | Read:4246 | Comments:0 | Tags:Latest Security News cybersecurity department of energy dete

Searching the Enterprise for Known Indicators of Breach

Given the recent high-profile breaches, a key challenge facing government agencies and other security-minded organizations is rooting out malware that has already become embedded on key assets. Multiple vendors are offering cloud-based sandbox analytics services, and/or on-premises appliances, that can analyze new binaries to determine if they have suspicious
Publish At:2015-07-13 19:30 | Read:5385 | Comments:0 | Tags:Featured Articles Tripwire News breach detection malware tri

Ransomware Campaign Alters Variants to Evade Detection

A recently uncovered operation has been mutating versions of ransomware to better avoid getting detected. As part of the campaign, which researchers from Cambridge-based Cybereason have dubbed Kofer, attackers are tweaking certain variables of ransomware like CryptoWall 3.0 and Crypt0L0cker to evade static signature or hash-based detection. While the malwa
Publish At:2015-07-08 20:30 | Read:3909 | Comments:0 | Tags:Malware Detection malware ransomware Ransomware Campaign

Zimperium Takes on Mobile World Congress 2015

Next month Zimperium has the honor of presenting on the evolution of the mobile threat landscape at Mobile World Congress, March 2-5, in Barcelona, Spain. After a record 2014, we are excited to showcase our Mobile Threat Defense system for iOS and Android devices to event attendees! Be sure to visit Zimperium at any one (or all!) of our three ex
Publish At:2015-02-19 17:05 | Read:4719 | Comments:0 | Tags:Events Mobile security News AirWatch AirWatch by VMware Andr

Security Kaizen: Adopting the Practice of Continuous Improvement to Improve Your Security Posture

In the early ’80s, the Japanese automobile industry (and Toyota in particular) popularized the idea of “Kaizen,” or continuous improvement, as a daily process of good change. Kaizen refers to activities that continuously improve all functions within a company to reduce waste and improve productivity and efficiency. In order to adopt this pr
Publish At:2015-01-05 21:35 | Read:4568 | Comments:0 | Tags:detection endpoint protection Kaizen Network Security Preven
