Healthcare chief information security officers are raising red flags to threat sharing groups about an alarming increase in cyberattacks amid the ongoing conflict in Ukraine – most notably by way of phishing incidents that target the C-Suite.
Reporter Josh Renaud notified the state that more than 100,000 educators' Social Security numbers were embedded in the HTML code of the Missouri Department of Elementary and Secondary Education. Gov. Mike Parson quickly insisted that viewing website source code — a built-in feature of all web browsers since the 1990s — was criminal hacking.
In a CyberRisk Alliance virtual event, Casey Ellis, the founder, chairman and CTO of Bugcrowd, speaks with SC Media Senior Reporter Joe Uchill about threat hunting while an organization's employees work from home.
Along with a single intake form, Google touts a more interactive, gamified site that offers per-country leaderboards and awards for finding certain bugs.
Security starts before detection and response, but many organizations focus there first. Mature security teams understand the importance of identification and protection. Establishing good cyber hygiene and taking proactive measures to secure themselves against the ever-increasing threat landscape is a critical first step in a holistic security program. How should organizations build a holistic security […]
Paul and I have talked a lot about his enchanted quadrants on the podcasts, but for those who haven’t watched, here’s a quick summary… An effective security program requires the integration of four key data sources: Logs (firewall, network, application, etc.) Endpoint (files, processes, logs, etc.) Network (flow and packets) Threat Intelligence Most organizations build […]
The endpoint market has been hot for years. At one point, there were over 80 new endpoint vendors trying to displace the traditional anti-virus vendors. The endpoint security market was transitioning from endpoint protection to endpoint detection and response (EDR). EDR is all the rage, but do you really need one? While the endpoint market […]
There are numerous security use cases where the integration of network packet data provides additional contextual information for better actionability. Free and open source packet capture tools do a great job capturing packets, but how do you collect, aggregate, and analyze that data at scale? Let’s start with a quick review of packet capture tools, […]