Hcltm - Documenting Your Threat Models With HCL

Threat Modeling with HCL Overview There are many different ways in which a threat model can be documented. From a simple text file, to more in-depth word documents, to fully instrumented threat models in a centralised solution. Two of the most valuable attributes of a threat model are being able ...

Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections

Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections By Taylor Mullins · March 23, 2022 Trellix is continuing to monitor the threat activity related to the LAPSUS$ threat group and their recent breaches of large organizations such as NVIDIA, Samsung, Microsoft, and Okta. This...

Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections

Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections By Taylor Mullins · March 23, 2022 Trellix is continuing to monitor the threat activity related to the LAPSUS$ threat group and their recent breaches of large organizations such as NVIDIA, Samsung, Microsoft, and Okta. This...

How to Use Zero Trust Security for the Hybrid Cloud

Securing the hybrid cloud can be complex. Explore how CISOs can use the zero trust security approach for more proactive protection...

CISA, FBI, and NSA Release Cybersecurity Advisory on Russian Cyber Threats to U.S. Critical Infrastructure

CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA that provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures. The CSA also provides...

Log4Shell Strategic Response: 5 Practices for Vulnerability Management at Scale

This post is co-authored by Blake Cifelli, Senior Advisory Services Consultant. In today’s cybersecurity world, risks evolve faster than we can remediate them. To meet our goals and become resilient to these fast changes, we need the right balance of automation and human interaction. Enabling rap...

What's New in Threat Intelligence: 2021 Year in Review

This post was originally published on the IntSights blog. Last year marked a huge milestone with the acquisition of IntSights by Rapid7. The IntSights team is very excited to join a company committed to simplifying and improving security outcomes for its customers. Rapid7's focus is a great...

Workshop: Building Modern Applications with DevOps Security

In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility...

Detect Exploitation Attempts With Qualys XDR (Beta)

The recently announced Log4JShell / CVE-2021-44228 exploit is the latest reminder of why it’s so important to maintain an enterprise-wide view of your security posture. The heart of the exploit centers around misuse of the JNDI lookup function built into log4j. Impact: There are multiple proofs o...

Cybersecurity Trends for 2022

Explore Trend Micro Research’s security insights and predictions for 2022 to enable more informed and proactive decision-making...

Designing a Proactive Ransomware Playbook for Today’s Threat Landscape

By Paul Baird, Chief Technology Security Office, Qualys Ransomware attacks are among the most significant cyber-threats facing organizations today. According to research by Gartner, ransomware is the highest priority 78 percent and most important emerging risk to track. Yet, organizations are sti...

Threat Source newsletter (Nov. 11, 2021)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. It's important to be proactive, and not reactive, with your security. It's always better to see the worst coming and block it than have to scramble to deal with the worst-case scenario in the moment. That's why it's so... This is...

Assess Your Risk From Ransomware Attacks, Powered by Qualys Research

Ransomware attacks are among the most significant cyber threats facing businesses today. Recent warnings about Conti ransomware, issued by a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency CISA, FBI and National Security Agency, are a strong signal that...

Combat attacks with security solutions from Trustwave and Microsoft

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In 2021, cyberattacks and instances of ransomware demands against companies, agencies, and institutions have dominated the headlines. These kinds of attacks are on the rise and often...

New Rapid7 MDR Essentials Capability Sees What Attackers See: “It’s Eye-Opening”

The pandemic and remote work shattered your perimeter. Your attack surface has changed — and will keep changing. It’s our mission to help customers strengthen security defenses and stay ahead of evil. As the modern perimeter expands, new and old vulnerabilities emerge as open doors for attackers;...

Rapid7 Acquires IntSights to Tackle the Expanding Threat Landscape

I am pleased to share the exciting news that, today, Rapid7 acquired IntSights, a leading provider of cloud-native, external threat intelligence and proactive threat remediation. The IntSights team is fantastic, and their threat intelligence capabilities are equally impressive. I’ll share more...

MITRE ATT&CK® mappings released for built-in Azure security controls

The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense and other Center...

MITRE ATT&CK® mappings released for built-in Azure security controls

The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense and other Center...

CRSP: The emergency team fighting cyber attacks beside customers

What is CRSP? Microsoft Global Compromise Recovery Security Practice. Who is CRSP? We are a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a...

CRSP: The emergency team fighting cyber attacks beside customers

What is CRSP? Microsoft Global Compromise Recovery Security Practice. Who is CRSP? We are a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a...