As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- Demand for cyber threat intel growing, White House official says
April 6, 2022
Private sector companies are increasingly asking the federal government for cyber threat intelligence as they seek to shore up their defenses against growing online threats, a White House cyber official told lawmakers on Wednesday. Robert Knake, a U.S. official in charge of budget and policy at the White House’s Office of the National Cyber Director, told ...
- Bank had no firewall license, intrusion or phishing protection – guess the rest
April 5, 2022
An Indian bank that did not have a valid firewall license, had not employed phishing protection, lacked an intrusion detection system and eschewed use of any intrusion prevention system has, shockingly, been compromised by criminals who made off with millions of rupees. The unfortunate institution is called the Andra Pradesh Mahesh Co-Operative Urban Bank. Its 45 ...
- How Does Cybersecurity Impact Environmental Services and Infrastructure?
April 4, 2022
Environmental sustainability has become a significant concern for businesses today. Yet, many are not seeing the connection between sustainability efforts and cybersecurity. Despite how different they may seem, these two topics are intertwined. If environmental services and infrastructure don’t embrace better security, the consequences could be severe. If organizations hope to make a positive environmental impact, ...
- An In-Depth Look at ICS Vulnerabilities Part 2
April 4, 2022
In part one, Trend Micro researchers discussed ICS-CERT advisories from 2010 to 2021. Using MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS, determined the number of identified CVEs that affect the ICS environment. For this blog entry, Trend Micro look into the sectors affected, especially during 2021: Read more… Source: Trend Micro Related story: An In-Depth Look ...
- SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965
April 4, 2022
On March 31, 2022, vulnerabilities in the Spring Framework for Java were publicly disclosed. Microsoft is currently assessing the impact associated with these vulnerabilities. This blog is for customers looking for protection against exploitation and ways to detect vulnerable installations on their network of the critical remote code execution (RCE) vulnerability CVE-2022-22965 (also known as ...
- Australia’s SkyGuardian drones shot down by spicy cybers
April 1, 2022
The Australian government has cancelled the SkyGuardian armed drone program for the Royal Australian Air Force. The funding is being redirected to the newly-announced REDSPICE cybersecurity and intelligence program. REDSPICE, the Resilience, Effects, Defence, Space, Intelligence, Cyber and Enablers program, is a flagship component of the federal Budget announced on Tuesday. The program aims to double the ...

