The U.S. Department of Defense is looking for a few good hackers to penetrate a facilities network underpinning the Pentagon's basement, mezzanine, and the command and communications center used by the president and the secretary of defense. Defense has hosted white hat hacking sessions since 2016.
Black Hat Europe returns to London, offering deep dives into the latest cybersecurity research and trends, including how to build an open, transparent, but also secure internet; harvesting zero-day flaws before attackers; what we can learn from "metaparasitical" scammers who scam scammers; and more.
Tributes are being paid to Vitali Kremez, who has died at the age of 34 in a suspected scuba-diving accident. The renowned threat intelligence expert, born in Belarus, had long tracked Russian cybercrime syndicates and was part of an ad hoc group established to counter ransomware and help victims.
Jamf plans to buy startup ZecOps to extend its ability to detect and respond to sophisticated threats across Mac, iOS and Android devices. Jamf's proposed acquisition will provide threat hunting tools to determine if any advanced attacks have compromised mobile devices.
Infoblox has invested in shifting left in the cybersecurity kill chain with on-premises, cloud and hybrid versions of its BloxOne Threat Defense tools, which help security practitioners find and identify threats earlier and mitigate risks, says President and CEO Jesper Andersen.
Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.
James Foster has been swimming against the current for months, taking ZeroFox public by merging with a special-purpose acquisition company despite the worsening economic conditions. The Nasdaq Stock Exchange listing makes ZeroFox the first cybersecurity company to go public in all of 2022.
In this episode of "Cybersecurity Unplugged," Yonatan Khanashvili describes in detail how Golden Security Assertion Markup Language attacks occur and how SOC platforms with much greater capacity to cross-correlate data than legacy SIEMs can help defenders detect and hunt for them.
The company ePlus has purchased Future Com to strengthen its security operations strategy and support of managed services. The deal will allow ePlus to help customers evolve their security operations teams from correlating and analyzing logs to delivering advanced capabilities like threat hunting.
Bishop Fox has closed a $75 million funding round to strengthen its visibility and continuous testing capabilities across all service offerings. The company will go from having just its attack surface testing on the Cosmos platform to all service offerings, including app pen testing and red teaming.
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
The U.S. Department of Defense continues to experiment with bug bounties to draw in vulnerability reports from outside white hat hackers. It kicked off a new test program for continuous rewards on America's Independence Day by setting aside a pool of $110,000.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and Eset, it was found that an ICS-capable malware and several regular disk wipers were used in the attack.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.