The 2023 Exabeam State of Threat Detection, Investigation, and Response Report sheds light on five significant hurdles hindering effective TDIR strategies.
Addressing these five challenges is essential for strengthening an organization’s security posture.
This guide explores the top five challenges that stand...
A study by Exabeam and IDC shows cybersecurity spending hit $92 billion in 2022, projected to surpass $170 billion by 2027. Yet, 57% of surveyed organizations still faced significant security incidents in the past year, highlighting the need for advanced threat detection, investigation, and response (TDIR) approaches...
As cyberthreats grow more sophisticated and pervasive, the need for advanced threat detection, investigation, and response (TDIR) has never been more critical. Staying ahead of potential threats requires a revolutionary approach to TDIR, incorporating cutting-edge AI and automation technologies.
This guide explores...
North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.
Chinese threat actors who exploited the recent Ivanti Connect Secure VPN vulnerability are continuing to persist even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.
Cybersecurity researchers identified a suspected Iranian espionage campaign targeting aerospace, aviation and defense industries across the Middle East. Hackers targeted employees within the aviation and defense sectors with fake job offers for tech and defense-related positions.
While overall ransomware profits might remain high, many of the remaining or rebooted top-tier groups are "really struggling" with scarce talent, trauma from the Russia-Ukraine war and repeated disruptions by law enforcement, say researchers from threat intelligence firm RedSense.
A novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. In this latest distribution method, the attackers send spam emails that deliver deceptive URL files that circumvent the SmartScreen banner warning.
In times of conflict, such as the Israel-Hamas war, intelligence becomes even more important than it is in peacetime. Red Curry, chief marketing officer at Tautuk, and his brother, Sam Curry, CISO at Zscaler, discuss the need for a combined intelligence strategy and better resilience in wartime.
OT cybersecurity threats loom larger and more complex than ever. With industrial control systems (ICS) powering consequential operations that provide for human life - electricity, oil and gas, water, and manufactured goods - there is a need for a pivotal shift from a reactive stance to proactive threat...
In the wake of an apparently weak password being harvested by information-stealing malware and used to disrupt telecommunications giant Orange Spain's internet traffic, an expert is warning all organizations to beware of copycat attacks - and to lock down their internet registry accounts.
Ukraine's security intelligence chief said Russian hackers had been responsible for severing internet access and mobile communications from telecom operator Kyivstar in December, after compromising the firm's network months ago. He said the "disastrous" cyberattack had wiped "almost everything."
As the threat landscape becomes more complex, organizations face challenges in obtaining an accurate picture of their attack surface. People, process, and technology challenges hinder progress and make it difficult for security teams to practice preventive cybersecurity.
The Cybersecurity and Infrastructure Security Agency announced plans to launch a two-year effort beginning in 2024 to modernize its legacy Automated Indicator Sharing program as part of an effort to enhance collaboration with the private sector and provide more actionable data to its partners.
Research by SentinelOne, Microsoft and PwC threat intelligence found "substantial cooperation and coordination" between Chinese threat groups on their choice of victims in the Middle Eastern region, shared infrastructure and tooling, and management practices.