What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Logo_logpoint.webp 2024-04-30 08:33:11 Discover the dark side of DLLs (Dynamic Link Library) (direct link) In brief: DLL (Dynamic Link Library) side-loading is a technique for executing malicious payloads within a disguised DLL by exploiting the execution process of a legitimate application. Malware groups, such as Chinese APT groups and Darkgate malware, are exploiting a zero-day DLL side-loading vulnerability in the wild [...] Malware Vulnerability Threat
Logo_logpoint.webp 2023-10-10 12:09:54 Threat hunting with LogPoint (direct link) Threat hunting is a very trendy expression in the cybersecurity world, but what is it really? The features offered by LogPoint for threat hunting, including advanced analytics, enrichment, correlations, UEBA and reporting, will allow you to strengthen your overall security strategy by using a [...] Threat ★★
Logo_logpoint.webp 2023-02-22 00:00:05 Critical Infrastructure: Financial Data (direct link) Cybersecurity is an essential practice for safeguarding data within business-critical systems and applications. Criminals are likely to target the sectors where the biggest potential windfalls are to be gained. Threat actors are constantly looking for ways to gain leverage and use it to their advantage - and the more compromising and sensitive the data, the better. The [...] Threat ★★
Logo_logpoint.webp 2023-02-09 10:24:57 Long-term resilience – Driven by innovative leadership (direct link) Cybersecurity used to be seen as a less-than-necessary investment. Business leaders were of the opinion that it's better to gamble on not getting targeted by threat actors than to spend money on protecting their digital infrastructure and consequently diminish their profits. And so, fast forward to today and this opinion is way outdated. Thanks to the [...] Threat Guideline ★★
Logo_logpoint.webp 2023-01-24 15:02:39 Ransomware-as-a-Service (RaaS) – A Growing Threat in Cybersecurity (direct link) In the world of cybersecurity, ransomware-as-a-service (RaaS) has become a growing concern for businesses and individuals alike. RaaS is a type of cyberattack where hackers gain access to a victim's system and then encrypt their files, making them unusable. The hacker will then demand a ransom from the victim in order to decrypt the files [...] Threat ★★
Logo_logpoint.webp 2023-01-17 14:46:30 Embracing randomness to detect threats through entropy (direct link) By Bhabesh Raj Rai, Security Research Contents What is Entropy? The calculation Use cases using the entropy method Layer your defenses to detect evasion and blindspots TL;DR Adversaries are constantly shifting tactics and uncovering new ways to attack businesses. One way analysts can defend against the continuously changing threat landscape is by layering defenses to help eliminate unknown blind spots. Here we explain [...] Threat ★★★
Logo_logpoint.webp 2023-01-16 12:43:43 Hive hunter: The tools and tactics to track down Hive ransomware (direct link) By Rabindra Dev Bhatta, Security Research Contents Fast Facts Technical analysis Hunting Hive with Logpoint Investigation and response with Logpoint Remediation and mitigation best practices Final thoughts TL;DR A comparatively new ransomware, Hive is around one-and-a-half years old in the wild, but it is already among the top ransomware threats in the industry. Threat actors have been using Hive to target a variety of [...] Ransomware Threat ★★★
Logo_logpoint.webp 2022-12-07 11:56:23 Detect, manage and respond: Clop ransomware (direct link) by Santosh Nepal, Security Analytics Engineer Contents TL;DR Fast Facts Detecting Clop using Logpoint Detecting execution of a malicious document Incident investigation and response using Logpoint SOAR Out-of-the-box Logpoint playbooks Best practices Detecting signs of ransomware from common threat actors early is key TL;DR There is a growing complexity of ransomware development and threat actors who are continuously adding different sophisticated techniques to their arsenal. When Michael [...] Ransomware Threat ★★★
Logo_logpoint.webp 2022-12-05 10:30:44 Agent-X open hours series (direct link) Logpoint's converged security operations platform protects the entire business and now launches a new agent that improves threat detection, accelerates the investigation and ensures fast remediation. Logpoint's new agent, AgentX is a lightweight application that transports logs and telemetry from endpoints (all servers, workstations, and applications) to the SIEM, and performs automated real-time investigation and remediation [...] Threat ★★
Logo_logpoint.webp 2022-11-30 12:12:16 Cyber insurance paradigm shift: Protecting the business without the 'hail mary' remedy (direct link) Ransomware attacks and their significant financial threat to organizations have contributed to a growing interest in cyber insurance policies. After all, insurance has traditionally promised to cover everything from ransom payouts to incident response and PR related to corporate image taking a hit in the wake of an attack. Ironically, this year ransomware attacks have intensified [...] Ransomware Threat ★★
Logo_logpoint.webp 2022-11-17 11:39:21 (Déjà vu) Emerging Threats: IcedID Beacon – Hunting, Preventing, and Responding to IcedID Malware using Logpoint (direct link) By Nilaa Maharjan, Security Research Index Why is this threat noteworthy? Ice-breaker #1. Delivering IcedID via contact form Ice-breaker #2. Delivering IcedID via Spoofed Invoices Adding legal threats to social engineering tactics Defending against sophisticated attacks through a coordinated defense Executive Summary: IcedID, aka BokBot, is a banking trojan that has evolved multiple times [...] Malware Threat ★★
Logo_logpoint.webp 2022-11-17 11:39:21 IcedID-IcedID Beacon – Hunting, Preventing, and Responding to IcedID Malware using Logpoint (direct link) Index Why is this threat noteworthy? Ice-breaker #1. Delivering IcedID via contact form Ice-breaker #2. Delivering IcedID via Spoofed Invoices Adding legal threats to social engineering tactics Defending against sophisticated attacks through a coordinated defense Executive Summary: IcedID, aka BokBot, is a banking trojan that has evolved multiple times and is now used as [...] Malware Threat
Logo_logpoint.webp 2022-10-06 13:37:39 Critical Infrastructure: Cybersecurity and protecting governmental data (direct link) Large databases housing valuable information are an appealing target for threat actors. After all, it's in their interests to find as much leverage as possible to obtain a greater 'reward' for their activities. Governmental databases in particular can be lucrative and enticing, with the vast reserves of sensitive information there to be harvested. Upon breaching a [...] Threat
Logo_logpoint.webp 2022-09-27 13:03:33 Logpoint Converged SIEM – What it is and why you need it. (direct link) In its simplest form, Converged SIEM is the merge of cybersecurity platforms into one holistic solution at the forefront of SaaS cybersecurity - CSaaS. The combination of SIEM and SOAR provides threat detection, investigation, and response from the cloud. In essence, then, the on-prem appliance collects, normalizes, and enriches your logs - the data is [...] Threat
Logo_logpoint.webp 2022-09-23 10:00:08 The first 5 tools needed for an MSSP's locker (direct link) A Managed Security Service Provider's (MSSP) number one priority is to ensure that clients stay protected from malicious threat actors. But an MSSP's ability to detect threats and quickly alert service users to the danger often depends on the systems that are in place. In this blog, we'll take you through five essential tools that build [...] Threat
Logo_logpoint.webp 2022-09-21 07:20:41 What the Quack: Hunt for the QBOT with Logpoint (direct link) - Nilaa Maharjan, Logpoint Global Services & Security Research Executive Summary: QakBOT, also spelled Quakbot is an old banking trojan active since 2007 that has seen a rise as multiple threat actors are caught using it in their malspam campaigns, following brief inactivity in early 2022. It has been seen spreading primarily through attachments and links in targeted spearphishing [...] Threat
Logo_logpoint.webp 2022-06-20 14:12:28 ChromeLoader: A rise in malvertisers (direct link) Nilaa Maharjan, Logpoint Global Services & Security Research This blog post provides an overview of the research conducted on a surge of increasing threat - malvertizers, specifically, Chromeloader. The blog post is accompanied by a Logpoint Emerging Threats Protection report, covering detection methods, investigation playbooks, and recommended responses and best practices. However not specific to chrome, [...] Threat
Logo_logpoint.webp 2022-03-14 13:26:58 Detecting malicious macros is a vital tool in the fight against malware (direct link) by Bhabesh Raj Rai, Security Research Even the most sophisticated and advanced state-sponsored attackers leave digital traces and detecting these anomalies is key to protecting organizations against malware. One common method threat actors use to initiate malware campaigns is by phishing with a malicious Word document. When a user opens the document, it's likely to trigger [...] Malware Tool Threat
Logo_logpoint.webp 2020-10-01 11:26:19 A Simple Guide to Threat Hunting (direct link) Threats are continually changing and becoming more sophisticated. Making it impossible to buy a tool that detects every potential cyberthreat. You can help protect your business by taking a proactive approach to hunting threats. According to the 2020 Verizon Data Breach report, more than 25% of breaches took months or longer to discover. This [...] Data Breach Tool Threat
Logo_logpoint.webp 2020-09-29 10:32:33 Threat hunting with Linux – Detecting a cryptomining attack (direct link) By Bhabesh Raj Rai, Associate Security Analytics Engineer, LogPoint Cryptomining malware was extremely popular in 2019 and is still relevant in today's threat landscape. As per the IBM X-Force telemetry, cryptomining activity spiked to unprecedented levels during mid-2019. At present, coin miners have seen a steady increase in the number of reports during [...] Malware Threat
Logo_logpoint.webp 2020-09-15 09:34:01 What is Threat Detection? Learn about response, solutions and benefits of advanced cyber threat detection (direct link) What is Threat Detection? Threat detection is typically described as an activity relating to the identification of threats within an organization. Often this task is at least partially automated and involves big data processing – especially in larger environments. In fact, in most modern organizations, automation is becoming a necessity for advanced threat detection. [...] Threat
Logo_logpoint.webp 2020-08-18 20:00:52 9th September – Faster Detection and Response with MITRE ATT&CK (direct link) The MITRE ATT&CK framework is a tool to help security teams create a more effective security defense. ATT&CK uses open standards and is essentially a database of documented threat behaviors. Using the ATT&CK framework, analysts can track threat actor behavior to speed up incident response and investigation. When combined with a SIEM or UEBA solution, [...] Tool Threat ★★
Logo_logpoint.webp 2020-07-18 10:38:08 Detecting Exim exploitation by Sandworm APT with LogPoint (direct link) By Ivan Vinogradov, Solution Architect, LogPoint The Sandworm Team, a group of known threat actors, have exploited a vulnerability in the Exim Mail Transfer Agent. Associated with the Russian GRU agency since August 2019, Sandworm introduced the vulnerability CVE-2019-10149 in version 4.87 of the Exim software. Organizations can mitigate the vulnerability by implementing the appropriate patches, [...] Vulnerability Threat
Logo_logpoint.webp 2019-10-03 11:16:00 14th November – Are you ready to reduce your IT infrastructure complexity & costs exponentially? (direct link) Critical security solutions such as a SIEM can be burdensome to maintain: writing queries, gaining situational awareness while having valuable analytics and keeping track of emerging threats becomes increasingly challenging. By definition, a great SIEM tool improves threat detection and response with real-time data analysis, early detection of data breaches, data collection, data storage and [...] Tool Threat
Logo_logpoint.webp 2019-10-03 09:15:56 24th October – Find out how LogPoint SIEM disrupts the industry and why this should interest you greatly. (direct link) By definition, a great SIEM tool improves threat detection and response with real-time data analysis, early detection of data breaches, data collection, data storage and reporting. How can organizations be digitally innovative, compliant and effective, while keeping data safe? The value of your IT system and business increases dramatically when you put that data into [...] Tool Threat
Logo_logpoint.webp 2019-07-18 12:09:05 Threat Hunting with LogPoint (direct link) Threat hunting is a popular buzzword in cybersecurity, but how does it actually work? LogPoint's Threat Hunting capabilities, including advanced analytics, enrichment, correlations, UEBA, and reporting, will empower you to strengthen your overall security posture with the use of a single interface. LogPoint also uses threat intelligence feeds to automate some aspects of threat hunting. Threat [...] Threat
Logo_logpoint.webp 2019-06-19 10:46:00 19th June – SIEM – Enabling the Intelligence around Cyber and Operational Threats (direct link) Security Information and Event Management (SIEM) is now moving from a nice to have to a necessity for many organizations. This is being driven by many factors: A constant need to keep up with the scope and pace of regulatory change A growing and evolving threat landscape Growing need for cyber skills, with limited personnel to [...] Threat
Logo_logpoint.webp 2019-04-10 07:47:01 Indicators of Compromise – Insider Threat (direct link) by Jake Anthony, LogPoint Senior Sales Engineering Manager We no longer live in a world where we have the privilege of believing our privacy is our own, or that we are 100% effective in protecting the privacy of those people that entrust their data to us. Organizations are slowly, ever so slowly, coming around to [...] Threat
Logo_logpoint.webp 2019-03-26 15:24:05 LogPoint UEBA (FRENCH) (direct link) Note: This webinar is in French. The "LogPoint UEBA" webinar hosted by LogPoint Presales Manager Julien Soukhavong is now available on demand. Fill out the form to access the hands-on deep dive into the UEBA product, covering: Configuration Active threat hunting using the new advanced dashboard capabilities How to leverage UEBA-driven risk scoring for a [...] Threat
Last update at: 2024-05-07 08:07:59