You’ve probably heard of Threat Intelligence, it's all the rage and all the cool kids are doing it… where’ve you been? Threat Intelligence, or “TI,” is everywhere and in everything, and it can be cool, but it can also be slippery and confusing and complex and a huge waste of time and resources depending on what you do (or don’t do) with it. In this post, we’re going to make a bunch of snarky statements about Threat Intelligence, and we’re going to spill the tea on how you (as a small or medium sized business) can use it and actually get some security value in return.Read More
In retaliation for ongoing attacks against US interests and to be a deterrent against future cyberattacks, the United States has been penetrating Russian power and industrial systems according to recent reporting in the New York Times. There have been multiple articles about attacks on critical infrastructure and attempts to penetrate systems in this space. In the US, no breach has been reported to lead to a wide spread outage, but there has been an increasing level of concern.Read More
A few months ago, JasperLoader (a new malware loader) emerged, infecting systems with various malware payloads, such as the Gootkit Banking Trojan. After a short, initial campaign, the threat actors behind the malware halted their activity and JasperLoader went off the radar for a while. However, since late May, a new and upgraded version of JasperLoader has been spotted infecting machines across Europe.Read More
Quest Diagnostics, a large medical diagnostic and laboratory services provider, has been breached, potentially impacting tens of millions of patient records. In accordance with HIPAA, fines can range from $100 to $50,000, per record lost, if there was non-compliance. This means, at a minimum, Quest could be fined $1.2 billion dollars if they are found to have violated HIPAA. Increasingly, other regulatory regimes are imposing fines for lost records, as well. While we don’t yet know in detail how this happened, there are some important points to consider.
One of the challenges in threat intelligence is taking the massive amount of data we have about the threat landscape and distilling it into its most relevant components. A huge part of the reason for growth in data science (and in cyber security specifically) is habitually struggling with too much information. (With some exceptions) With this roadblock, it’s a challenge to focus in on the data that’s truly relevant.Read More