Blog

Threat-Countering: Refining Risk-Based Cybersecurity

Geoff Stoker on Apr 9, 2019 8:38:00 AM

 

Meddling in Elections - The Case of Russian Attackers

Liisa Past and Alexander Grimm on Apr 3, 2019 4:03:47 PM

 Ukraine has proven to be a testing ground for Russian aggression in cyberspace.

Cybersecurity Crisis Management (CCM) Considerations - A 7-Step Strategy

Geoff Stoker on Feb 26, 2019 9:03:00 AM

 

Does your organization have a stated cybersecurity crisis management (CCM) strategy? If you said “no,” then by implication your actual strategy is to rely on your team’s experiential-based gut..

Major Vendors Dismissed Top Vulnerability for Malware Delivery

Paulo Shakarian on Feb 4, 2019 9:02:00 AM

Recent reporting by Cisco on information stealing malware  designed to hide from most anti-virus solutions  is leveraging Microsoft Office vulnerability CVE-2017–11882.

Does..

Artificial Intelligence Gives Clues About Cyberattack Targets

Rebecca Skubish on Nov 9, 2018 2:24:37 PM

Current Threats: Fileless Malware

Paulo Shakarian on Nov 5, 2018 9:30:10 PM

 

Fileless malware is on the rise and is enabling many attacks in 2018. While fileless techniques were prevalent in 2017, most of the more well-known attacks still accessed the disk and..

Five Questions to Ask a Cybersecurity Vendor

Paulo Shakarian on Oct 30, 2018 9:48:36 AM
 

Five questions to ask a cybersecurity vendor selling a machine learning solution

Ever since we started CYR3CON, we are continually surprised at the hype cycle surrounding..

Patching without Prioritization isn’t Working

Paulo Shakarian on Oct 23, 2018 9:34:13 AM

 

Detection dates and continued scanning don’t solve the root cause of the problem: how do you determine which CVEs are likely to be targeted and must be patched?

Recent media..

Breach disclosed by the Pentagon highlights the importance of third-party risk

Paulo Shakarian on Oct 17, 2018 2:33:04 PM

 

Late last week, the Associated Press reported that nearly 30,000 Department of Defense workers may have had Personally Identifying Information (PII) exposed due to a data..

Current Threats: Cryptomining

Paulo Shakarian on Sep 26, 2018 2:29:40 PM

Several recent studies are telling us that illicit cryptomining is becoming a very large threat. This may leave many threat watchers wondering “what happened to ransomware”?..