Better Cybercrime Metrics Act Signed Into Law
How standard frameworks like VERIS and MITRE ATT&CK enable a standard language and taxonomy about cyberattacks
-
-
FBI Director Warns of Chinese Espionage Threats
Use MITRE ATT&CK to ensure you have detections for the latest adversary techniques employed by APT groups like Deep Panda.
-
Devo Technology and the Autonomous SOC
Automation is critical for addressing constant change in threat landscape — plus exponential increase in volume of data collected to spot suspicious activities.
-
What It Takes to Become an Information Security Analyst
A natural curiosity for how things work, such as what the database logs tell you or what does a specific cloud permission let you do.
-
Patch, Remediation Advice Emerges for Spring4Shell Vulnerability
Monitor suspicious processes spawned by Java. Avoid false positives by investigating logs at least 90 days back and whitelisting known child-process.
-
New Imminent Threats to The Power Grid
Industrial control systems are juicy targets for nation-state attackers because they typically don’t have the same level of monitoring as corporate IT networks.
-
Google Cloud Security Survey is ‘Aggressive’ Move vs. Microsoft
High-profile attacks, such as the OPM breach, are typically the result of poor security practices rather than vulnerabilities in office productivity suites.
-
Top Security Information and Event Management (SIEM) Trends
Often cloud-based for scalability and simplicity, SIEMs are now centralized SecOps hubs for managing security incidents across their entire life cycle.
-
CardinalOps Sponsors SANS Webinar with Dr. Anton Chuvakin from Google Cloud on “The Future of SIEM”
Webinar recommends how to address constant change in the threat landscape and attack surface, plus dynamic business requirements such as cloud transformation.
-
Teen Mastermind Behind Lapsus$ Ransomware Attacks
Attack could be the next big supply chain attack (MITRE ATT&CK T1195.002), with a similar impact to SolarWinds. Monitor for any suspicious Okta activity.
-
How Should My Security Analyst Use the MITRE ATT&CK Framework?
ATT&CK lets you communicate with peers about attackers and the kill chain. Ensure you have detections for “crown jewel” assets such as endpoints and the cloud.
-
CardinalOps Raises $17.5M Series A for Remediating Riskiest SOC Coverage Gaps
Ponemon data shows more than 80% of security professionals rate complexity of their SOC as very high, and less than 40% assess their SOC as highly effective.