Articles about cyber threat intelligence

New research from asset visibility and security company Armis shows threat intelligence has become a top priority, yet organizations don't have a clear view of their networks.

The study of 400 IT professionals across the UK shows the top challenges they faced in the last six months as: keeping up with threat intelligence, compliance with cybersecurity regulations and frameworks, staffing and recruitment, an ever expanding attack surface, and visibility into all assets connected to the network.

Continue reading →

Intelligence is now considered essential to the process of identifying, understanding and acting upon threats. According to the "Global Perspectives on Threat Intelligence" study conducted by Mandiant, 96 percent of decision-makers interviewed for the research believe that it is important to understand which cyber threat actors could be targeting their organization. Consequently, threat Intelligence should be fully integrated into the internal mechanisms linked to threat detection and response. 

Before detailing how intelligence can be integrated into defense tools, it is necessary to talk about the nature of intelligence, the complexity of collecting it, and how to curate, qualify and act on it in the most efficient way. Intelligence effectiveness depends on the contextualization of the elements collected in relation to a business’s specific environment. Once the qualified information is available and translated into specific formats and languages, it can then be used appropriately in detection tools, such as network detection probes, SIEMs, EDRs, etc. 

Continue reading →

Cybercriminals and fraudsters have long relied on a dark web community to exchange information on vulnerable businesses and individuals as well as trading fraud-as-a-service schemes.

In an effort to turn the tables, Sift is launching a new online community called 'Sifters' to allow its customers to learn from, interact with, and share information with each other, including on any emerging fraud threats they encounter.

Continue reading →

Traditionally used by intelligence agencies and the military, the OSINT technique is used to gather information about people, organisations or companies from freely accessible sources, then analyse the data obtained and draw useful conclusions and information from it.

But IT security experts can also benefit from the technique to discover potential vulnerabilities and remediate them before they're exploited by attackers.

Continue reading →

This summer, Gartner introduced Continuous Threat Exposure Management (CTEM). This is a set of processes and capabilities that allow organizations to create a system for review of exposures that is faster than the periodic project-based approach.

With endless threats and vulnerabilities hammering today's organizations, exposure management that evaluates the accessibility, exposure and exploitability of all digital and physical assets is necessary to govern and prioritize risk reduction for enterprises.

Continue reading →

The software supply chain is increasingly being weaponized by attackers seeking to compromise businesses and steal information.

Application security specialist Checkmarx is looking to combat this with the launch of a new product which delivers detailed threat intelligence on hundreds of thousands of malicious packages, contributor reputation, malicious behavior and more.

Continue reading →

Threat hunting takes a proactive approach to identifying the security issues an organization might face. But since it tends to be based on intelligence about current threats it can overlook new ones.

Now though Trustwave has enhanced its Advanced Continual Threat Hunting platform, offering resulting in a three times increase in behavior-based threat findings that would have gone undetected by current Endpoint Detection and Response (EDR) tools.

Continue reading →

A barrage of new threats along with increasingly complex IT environments and a shortage of skilled staff make securing the enterprise and ensuring compliance more of a challenge than ever.

In order to help businesses visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats across environments, ThreatModeler is launching a new cybersecurity asset marketplace.

Continue reading →

You'll often hear cybersecurity discussed in military terms, as a war, or a battle, or a conflict. So should enterprises be taking a defensive approach that draws on military thinking?

Tom Gorup is VP of security operations at Fortra's Alert Logic, a managed detection and response specialist. He's also a veteran of six years in the US Army with tours of Iraq and Afghanistan. We spoke to him to discover how lessons learned on the battlefield can be applied to cybersecurity.

Continue reading →

A new study from Splunk, in collaboration with Foundry, finds that 49 percent of public sector agencies struggle to leverage data to detect and prevent cybersecurity threats.

The report shows 50 percent of the sector has issues leveraging data to inform cybersecurity decisions, and 56 percent of public sector agencies have difficulties leveraging data to mitigate and recover from cybersecurity incidents.

Continue reading →

Cybersecurity issues are increasingly complex and that means that they are unlikely to be addressed by just a single vendor. And when an attack does happen it needs to be stopped fast, which needs close collaboration.

A new Data Security Alliance announced today by Cohesity aims to combine best-in-class solutions from industry leading cybersecurity and services companies with exceptional data security and management expertise.

Continue reading →

A new study from Vulcan Cyber shows 75 percent of organizations have dedicated threat intelligence teams and two-thirds have dedicated threat intelligence budgets.

However, 73 percent of respondents say a lack of skills is their biggest threat intelligence challenge and is keeping organizations from making the most of their investments in threat intelligence resources.

Continue reading →

Security breaches cost more than just money. Investing in data security today prevents long-term negative consequences that cost your business time, money, and reputation. Acquiring threat intelligence data is a primary step in preventing cyberattacks, and web scraping is the method of choice for many modern data-driven businesses.

Business and personal activities are increasingly being digitized. Whether you are simply taking your temperature with a connected thermometer or sending products across complex supply chains, enterprises continuously collect data to improve services and refine operational processes.

Continue reading →

Globally, the cyber threat level to organizations remains high and the current situation only serves to highlight this further. To this point, any organization that has substantial gaps in its cybersecurity capabilities is operating at risk, and when the threat landscape changes, as it has now, so we become more aware of the vulnerabilities that we have carried for some time and the need for better Cyber Threat Intelligence. 

Two major cybersecurity events of the past 12 months really showcase the requirement for CTI in network security operations -- the SolarWinds software supply chain attack which broke at the start of 2021 and the Log4j vulnerability response process that occurred at the end of 2021. Both of these incidents highlight the need to rapidly gain situational awareness, contextualize vast amounts of information being shared, and prioritize remediation of significant threats.

Continue reading →

Almost every organization is struggling with malware analysis according to a new report from infrastructure protection company OPSWAT.

The study finds 94 percent of organizations are finding it challenging to recruit, train, and retain malware analysis staff. In addition 93 percent of organizations are challenged by malware analysis tools that lack automation, integration, and accuracy. This leads to over 20 percent of organizations reporting they are unable to investigate and resolve a majority of their malicious files or alerts.

Continue reading →