Elastic Security’s advancements offer transformative potential exemplifying the importance of embracing innovative solutions to enhance cybersecurity operations. As Elastic continues to evolve its Search AI Platform, organizations like Proficio can look forward to even greater protection and resiliency of its critical infrastructures.Want to learn more? Check out the full … [Read more...] about How Proficio enhanced cybersecurity with Elastic Search AI to reduce threat detection time by 34%
Threat
The 2024 Elastic Global Threat Report: Forecasts and recommendations
Yesterday, Elastic Security Labs released the 2024 Elastic Global Threat Report, a comprehensive look at more than 1 billion data points from Elastic’s unique telemetry. The report provides insights into the methods, techniques, and trends of threat actors from the perspective of defenders — giving crucial insights for security teams to prioritize and improve their security … [Read more...] about The 2024 Elastic Global Threat Report: Forecasts and recommendations
Threat modeling: As easy as OATMEAL
Threat actors are constantly evolving their tactics, techniques, and procedures (TTPs), which often makes understanding and mitigating potential threats a daunting task. Traditional threat modeling frameworks can fall short or even be seen as intimidating to defenders trying to model potential threats. This is often due to the complexity or amount of effort and knowledge … [Read more...] about Threat modeling: As easy as OATMEAL
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Sep 07, 2024Ravie LakshmananCyber Security / Malware Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the Web3 sector. "After an … [Read more...] about North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Leveraging Threat Intelligence in Cisco Secure Network Analytics
Cisco Secure Network Analytics provides pervasive network visibility and security analytics for advanced protection across the extended network and cloud. The purpose of this blog is to review two methods of using threat intelligence in Secure Network Analytics. First, we will cover the threat intelligence feed, and then we will look at using your own internal threat … [Read more...] about Leveraging Threat Intelligence in Cisco Secure Network Analytics
Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer
On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal. Technical Analysis Lure Document The analyzed … [Read more...] about Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer
Threat Actor Distributes Python-Based Info Stealer Using Fake Update
Summary On July 23, 2024, CrowdStrike Intelligence identified a malicious ZIP file containing a Python-based information stealer now tracked as Connecio. A threat actor distributed this file days after the July 19, 2024, single content update for CrowdStrike’s Falcon sensor — which impacted Windows operating systems — was identified and a fix was deployed. The ZIP file uses the … [Read more...] about Threat Actor Distributes Python-Based Info Stealer Using Fake Update
Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List
The threat intel data noted in this report is available to tens of thousands of customers, partners and prospects – and hundreds of thousands of users. Adversaries exploit current events for attention and gain. We remain committed to sharing data with the community. On July 24, 2024, hacktivist entity USDoD claimed on English-language cybercrime forum BreachForums to have … [Read more...] about Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List
CrowdStrike Sets New Benchmark with Fastest Threat Detection
Security teams must outpace increasingly fast and sophisticated adversaries to stay ahead. In the most recent closed-book MITRE Engenuity ATT&CK® Evaluations: Managed Services, the CrowdStrike Falcon® platform once again demonstrated it stands alone in its ability to deliver the speed and efficacy needed to stop breaches. CrowdStrike Falcon Complete® managed detection and … [Read more...] about CrowdStrike Sets New Benchmark with Fastest Threat Detection
How to Monitor Network Traffic: Findings from the Cisco Cyber Threat Trends Report
The threat landscape is full of moving targets. Over time, popular tools, tactics, and procedures change. Malicious techniques fall out of fashion, only to come roaring back months, if not years, later. All the while, security practitioners monitor network traffic and adapt their defenses to protect their users and networks. Keeping on top of these trends is one of the most … [Read more...] about How to Monitor Network Traffic: Findings from the Cisco Cyber Threat Trends Report