Wonder Information


MITRE Shield Matrix Highlights Deception & Concealment Technology

The role that these technologies play in the MITRE Shield matrix is a clear indicator that they are an essential part of today’s security landscape. It’s an age-old question: How do you know if you need more security? MITRE has been diligently working to document tactics and techniques to assess […]


Attackers finding new ways to exploit and bypass Office 365 defenses

Over the six-month period from March to August 2020, over 925,000 malicious emails managed to bypass Office 365 defenses and well-known secure email gateways (SEGs), an Area 1 Security study reveals. How criminals bypass Office 365 defenses: Attackers increasingly use highly sophisticated, targeted campaigns like business email compromise to evade […]


Iran-linked Silent Librarian APT targets universities again

Iran-linked cyberespionage group Silent Librarian has launched a new phishing campaign aimed at universities around the world. Iran-linked APT group Silent Librarian has launched another phishing campaign targeting universities around the world. The Silent Librarian, also tracked as Cobalt Dickens and TA407, targeted tens of universities in four continents in the […]


Containers are inherently secure!

There is a great deal of enthusiasm in the developer community for adopting containers, because they help speed up and simplify the development and deployment of cloud-native applications, as Palo Alto Networks observes. Containers are also often regarded as secure, but in reality they are far from impenetrable […]


SecOps teams turn to next-gen automation tools to address security gaps

SOCs across the globe are most concerned with advanced threat detection and are increasingly looking to next-gen automation tools like AI and ML technologies to proactively safeguard the enterprise, Micro Focus reveals. Growing deployment of next-gen tools and capabilities: The report’s findings show that over 93 percent of respondents employ […]


Businesses Rethink Endpoint Security for 2021

The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year? This year has put IT and security teams to the test as organizations quickly transitioned to a fully remote workforce to stop the spread of COVID-19. […]


Defining ATT&CK Data Sources, Part II: Operationalizing the Methodology

In Part I of this two-part blog series, we reviewed the current state of the data sources and an initial approach to enhancing them through data modeling. We also defined what an ATT&CK data source object represents and extended it to introduce the concept of data components. In Part II, […]


Treasury sanctions Russian research institute for Triton attack

The Treasury Department’s Office of Foreign Assets Control sanctioned a Russian government research institution linked to Triton malware targeting industrial safety systems, the first time the U.S. took such an action for an industrial control system attack. Treasury Secretary Steve Mnuchin called out the Russian government for continuing “to engage […]


Moving to the cloud with a security-first, zero trust approach

Many companies tend to jump into the cloud before thinking about security. They may think they’ve thought about security, but when moving to the cloud, the whole concept of security changes. The security model must transform as well. Moving to the cloud and staying secure: Most companies maintain a “castle, […]


BSI among the top 10 most family-friendly employers

Freundin and kununu are awarding the “Most Family-Friendly Employers” seal for the fifth time, and the BSI is among the top 10. Location: Bonn. Date: 21.10.2020. The media brand Freundin and the employer rating platform kununu once again this year recognized the compatibility of family and career, […]


Context-Driven Vulnerability Detection and Prioritization

What you’ll learn: It’s unrealistic to address every single vulnerability; Context is critical to making the right remediation decisions; A variety of factors should go into determining which vulnerabilities to address first. Organizations deal with numerous vulnerabilities every day, and have to determine which ones need addressing immediately. Not all […]


How to Secure Microservices Architecture

The use of microservices-based architecture to realize complex, evolving solutions is growing in popularity. Microservices make it much easier to replace or upgrade components mid-flight. It also allows multiple developers to work on different aspects of the overall solution without affecting each other.  However, microservices architecture comes with its own […]


How Can CEOs Build Business Resiliency?

Digital transformation has been a critical differentiator for enterprise crisis recovery. The need to shift entire workforces and operations in response to a global pandemic was a wake-up call to digital resistors, as they lacked the flexibility and innovation to better adapt to changing conditions. Now, ten months after the […]


Using Collaboration to Complement MDR

Speakers: Craig Bray, Director, Pre-Sales Engineering, Channel and Alliances, Secureworks, and Dan Graney, Director, Competitive Intelligence & Security Strategist, CarbonBlack. Live: November 9, 2020. What you’ll learn: How to identify signs that your cybersecurity team needs more help; How great endpoint solutions reduce complexity and siloes; How Managed Detection & […]


Business models for smart energy: Thüga connects municipal utilities on an innovation platform

The team behind the innovation platform drives the topics forward at project level, divided into the four clusters Smart City, Smart Living, Smart Energy and Mobility. Photo: Peter Diehl, Thüga Aktiengesellschaft. Competition in the energy market has intensified and industry boundaries are blurring; far more than in the past, municipal utilities must, with other market participants, […]


Carnival Corp. Ransomware Attack Affects Three Cruise Lines



Vulnerability Management Maturity Model Part II

Hello again everyone. I hope you enjoyed the summer and the time you spent actively studying the SANS Vulnerability Management maturity model that was released in May (and can be found here). Over the summer I expect you ordered your own copy (or 10) and wallpapered your office with […]


Threat Roundup for October 9 to October 16

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Oct. 9 and Oct. 16. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and […]


How red teaming works

In the current podcast we put on the high-visibility vest and walk, disguised as service technicians, into an average German company. Join us on our way to the server room, where we want to steal a database of confidential business information…


August 2020 Cyber Attacks Statistics

After the cyber attacks timelines (part I, and part II), it’s time to publish the statistics for August. If you believe that the Summer could slow down the criminal business, you will be disappointed. In August I have analyzed a total of 197 events, the highest value so […]


Azure Security Benchmark v2: What you need to know

Microsoft’s recently released Azure Security Benchmark v2 allows you to map to the same benchmarks that you use for your on-premises technology. The benchmarks for both CIS Controls v7.1 and NIST SP800-53 r4 Security and Privacy Controls for Federal Information Systems and Organizations will soon be aligned with the Azure […]


Automating Vulnerability Management

What you’ll learn: Why contextual prioritization is critical to VDP; What elements of a complete VM program are included; Where VDP provides automation. Secureworks VDP delivers critical information for each vulnerability given its unique circumstances, environment and context. VDP uses powerful software to produce a fully integrated and comprehensive solution, […]


Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions

Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the […]


Retrofitting the way to the smart factory

Retrofitting IIoT functionality. Amid the worsening economic crisis, more and more industrial companies are turning to the Industrial Internet of Things (IIoT) to monitor their equipment remotely and prevent unplanned downtime. An important aspect of this is the retrofitting of old equipment. Image: ©industrieblick/stock.adobe.com. Manufacturing companies are investing […]


BKA warns of a new wave of cyberattacks

The Federal Criminal Police Office (BKA) is sounding the alarm and paints a bleak picture of the threat situation. Hackers are exploiting the Covid-19 crisis and preferentially attacking employees working from home. Little reason for optimism: the number of cybercrime cases is rising, while the clearance rate is falling, according to the current situation report from the Federal Criminal Police Office (BKA). The special evaluation […]


Building an Information Security Program Post-Breach Part III

PART III Gap Analysis This is Part II of a 3-part blog series based on MGT514: Security Strategy, Policy, and Leadership. Read Part I here. Read Part II here. Now that we have industry standard frameworks to follow, we can focus on getting Rekt Casino secure and operational. At this […]


Cloudflare One: A cloud-based network-as-a-service solution for the remote workforce

Cloudflare released Cloudflare One, a comprehensive, cloud-based network-as-a-service solution for your workforce. As more businesses rely on the internet to operate, Cloudflare One protects and accelerates the performance of devices, applications, and entire networks to keep workforces secure. Now businesses can protect their workforce in a flexible and scalable way, […]


Google expands BeyondCorp alliance to push zero trust security

As the number of remote workers continues to soar, Google is expanding efforts to push a new model for security designed around zero trust. Following the release of its BeyondCorp product earlier this year, the company is adding four new partners to help make this standard more effective and easier […]


How to improve the cybersecurity of your remote workers

Cyberattacks against businesses have spiked since the shift to remote work began in early 2020, says Keeper Security. The coronavirus pandemic and lockdown forced organizations to make dramatic changes over a quick period of time. One of the biggest changes has been the shift to a remote workforce. […]


What Is the New Employment Deal?

COVID-19 has transformed the relationship between employers and employees. Today’s new employment deal centers on positively impacting employees’ lives while improving talent outcomes for employers. Organizations are providing employees more flexibility than ever before, creating a shared purpose and building deeper connections with employees. “The employers that get this right […]


Red Team Tactics: Hiding Windows Services

A little known feature of Windows allows the red team or an attacker to hide services from view, creating an opportunity to evade detection from common host-based threat hunting techniques. In a recent red team engagement, my team was up against some well-trained, sophisticated defenders. We built custom malware to […]


Cybercriminals are using legitimate Office 365 services to launch attacks

Vectra released its report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks. Attacks that target software-as-a-service (SaaS) user accounts are one of the fastest-growing and most prevalent problems for organizations, even […]


The Top Internet of Things (IoT) Authentication Methods and Options

Research, October 12, 2020. Read Ellen Boehm list top Internet of Things authentication methods and options on Security Boulevard: IoT authentication is a model for building trust in the identity of IoT machines and devices to protect data and control access […]


Most enterprises struggle with IoT security incidents

Research, October 12, 2020. According to new data released by Cybersecurity Insiders, 72% of organizations experienced an increase in endpoint and IoT security incidents in the last year, while 56% anticipate their organization will likely be compromised due to an endpoint or IoT-originated […]


How to foster a secure and compliant DevOps culture

Companies looking to balance DevOps with compliance are ever-mindful of filing requirements by the Securities and Exchange Commission. Today’s columnist, John Worrall of ZeroNorth, offers ways for companies to better integrate DevOps and compliance teams. (Credit: Creative Commons: BY-NC-SA 2.0) It’s challenging to talk about DevOps and compliance together. Most […]


The Industrialization Of Intelligence Will Drive The Autonomous Enterprise

Today, on the back of already accelerating technology-fueled disruption, the COVID-19 pandemic has propelled us into the future faster than expected. We now stand on the cusp of a new era of transformation. One that will use intelligent systems of automation, in addition to systems of insights, to reduce the […]


Hackers abuse open source tools

More and more offensive security tools (OST) under open source licenses, which were actually meant to improve information security, are ending up in the hands of hackers. A controversial discussion is currently raging in the infosec community about offensive security tools (OST), as the Israeli security researcher […]


The brain of the SIEM and SOAR

SIEM and SOAR solutions are important tools in a cybersecurity stack. They gather a wealth of data about potential security incidents throughout your system and store that info for review. But just like nerve endings in the body sending signals, what good are these signals if there is no brain […]


Gartner names ThreatQuotient a representative vendor for SOAR

Security operations platform provider ThreatQuotient has been included as a Representative Vendor in the 2020 Gartner Market Guide for Security Orchestration, Automation and Response (SOAR) Solutions.  As defined by Gartner, SOAR solutions “combine incident response, orchestration and automation, and threat intelligence (TI) management capabilities in a single platform.” A representative […]


Security Automation: when, why, and how

Paula Januszkiewicz, founder and CEO of consulting company CQURE speaks at the RSA Conference in Asia last year. Today’s columnist, Tim Erlin of Tripwire, says security teams can automate anything today, but they still need strong security pros like Januszkiewicz to drive decisions on what processes to automate. (Credit: Cyberraccoon […]


The anatomy of an endpoint attack

Cyberattacks are becoming increasingly sophisticated as tools and services on the dark web – and even the surface web – enable low-skill threat actors to create highly evasive threats. Unfortunately, most of today’s modern malware evades traditional signature-based anti-malware services, arriving to endpoints with ease. As a result, organizations lacking […]