From Caribbean shores to your devices: analyzing Cuba ransomware
The article analyzes the malicious tactics, techniques and procedures (TTP) used by the operator of the Cuba ransomware, and details a Cuba attack incident.
incident response
Best practices for implementing a proper backup strategy
Implementing a robust backup strategy for safeguarding crucial business data is more essential than ever. Without such a plan, organizations risk paying ransoms and incurring expenses related to investigations and lost productivity. In this Help Net Se…
Shifting left and right, innovating product security
In this Help Net Security interview, Slava Bronfman, CEO at Cybellum, discusses approaches for achieving product security throughout a device’s entire lifecycle, fostering collaboration across business units and product lines, ensuring transparen…
United Airlines Says the Outage That Held Up Departing Flights Was Not a Cybersecurity Issue
United Airlines flights were halted nationwide on Sept. 5, because of an “equipment outage,” according to the FAA.
The post United Airlines Says the Outage That Held Up Departing Flights Was Not a Cybersecurity Issue appeared first on SecurityWeek.
Velociraptor: Open-source digital forensics and incident response
Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities. Velociraptor enables you to conduct precise and rapid collection of digital forensic data across multiple endpoints …
Experts demand clarity as they struggle with cloud security prioritization
Cloud Native Application Protection Platforms (CNAPPs) have emerged as a critical category of security tooling in recent years due to the complexity of comprehensively securing multi-cloud environments, according to Cloud Security Alliance. Secure clou…
Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks during the first half of 2023, according to Sophos. In 2022, the median dwell tim…
What’s in a Name? The XDR for 2023 and beyond
Cisco announces General Availability of Cisco XDR on July 31, 2023, helping security analysts rapidly identify and remediate threats, optimizing SOC performance.
UAC: Live response collection script for incident response
Unix-like Artifacts Collector (UAC) is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD, and Solaris …
What is Incident Response? Ultimate Guide + Templates
Dive into the world of incident response and learn about key concepts and strategies for handling security incidents effectively.
The post What is Incident Response? Ultimate Guide + Templates appeared first on eSecurityPlanet.