Top news of the week: 05.06.2020.

#COVID19 #cyberattack #Security #regulation #incidentresponse #DFIR #ITsecurity #remoteaccess #Budget #HIT

Mitre Attack

On Jun 3, 2020
@kjhiggins shared
Security spending is not at all immune to the economic downturn amid the pandemic. There's now a "violent shakeup of a transformation that was going to come anyway" toward cloud, says @chenxiwang Part 2 of a look at the state of things here: https://t.co/oLJFR70XzC #COVID19

Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic

For now, security teams face freezes in projects and hiring - and budget cuts, security industry analysts say.

On Jun 4, 2020
@PatrickCMiller shared
Companies Fall Short on Mandatory Reporting of Cybercrimes https://t.co/oMJFJ7qy74

Companies Fall Short on Mandatory Reporting of Cybercrimes

Understaffed and under fire, companies fail to report cybercrimes even when they are legally obligated to notify authorities, results of a new survey show.

On Jun 4, 2020
@PatrickCMiller shared
RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes https://t.co/aiN71PivGc

RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes

Remote Access Trojans (RATs) can be the beginning of very bad things on your network or workstations.

On Jun 4, 2020
@PatrickCMiller shared
Social Distancing for Healthcare's IoT Devices https://t.co/I2f3RcksYV

Social Distancing for Healthcare's IoT Devices

Security pros need to double down around prevention of lateral movement by attackers, especially if IoT devices are connected to the network.

On May 29, 2020
@redcanaryco shared
RT @David_S_Dowling: Getting prepped for #PvJCTF and watching the pretty decent training on ThreatINSIGHT and then went down a rat hole of domain entropy. Wot dat. @redcanaryco has a useful piece on relative entropy and threat hunting https://t.co/OKLHB0YPYR

Using Entropy in Threat Hunting: a Mathematical Search for the Unknown

Can entropy be used to detect unknown malware? A Red Canary analyst takes a deep dive into the concept of entropy and explores its applications in threat hunting.

On Jun 1, 2020
@SANSDefense shared
Don’t miss today’s special webcast with SANS Instructor @maridegrazia to explore the #forensic artifacts related to #WinSCP – Register now: https://t.co/Sur8PIlKYn https://t.co/p2bFZnM370

SANS@MIC - WinSCP: Yeah you know me!

This presentation covers the artifacts related to WinSCP. WinSCP has traditionally been associated with external access and exfiltration. However, with some recent changes to Windows 10, ...

On Jun 2, 2020
@riskybusiness shared
Risky Biz editor @breditor just posted this story... long story short? Having IR firms on retainer might be yesterday's model thanks to a surprise court decision in the Capital One data breach suit. https://t.co/LD7QwOaKvi https://t.co/iOmTpmy712

Surprise Capital One court decision spells trouble for incident response

On May 31, 2020
@olafhartong shared
RT @phillmoore: Week 22 - 2020 #DFIR https://t.co/7DvBxVkAxZ

Week 22 – 2020

Thanks to Lodrina for her work on the Threat Hunting and Malware Analysis sections. Both of us are getting ready for the DFIR Summit this July, join us! Lodrina is keynoting the Solutions ...