Top news of the week: 06.01.2022.
Mitre Attack
Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells
Microsoft says vulnerabilities present a "real and present" danger, citing high volume of scanning and attack activity targeting the widely used Apache logging framework.
A framework to vet security processes for human execution
Make sure you take human interaction and communication into account when developing your security processes. Here's a simple framework that can help.
Cybersecurity M&A Roundup: 35 Deals Announced in December 2021
SecurityWeek’s cybersecurity M&A roundup for December 2021 lists 35 deals, including ones that involved hundreds of millions or billions of dollars.
Simplifying the MITRE ATT&CK Framework
This blog was originally published on 11/3/21 on Scythe's blog site. Author Nathali Cano Introduction Before we get into the nitty gritty of things, I’d like to briefly talk about the big ...
Leveraging the Power of KQL in Incident Response
When your organization is faced with investigating a security incident, whether that’s something as simple as a phishing campaign or more complex like a determined human adversary, time is ...
Google Buys Siemplify to Get Ahead in Cloud Security
Google says the deal will bring security orchestration, automation, and response to its Google Cloud security portfolio and expand its Chronicle platform.
Vinnie Liu Has a Mission: Keeping People Safe Online and Offline
Security Pro File: The years at the National Security Agency shaped Vinnie Liu's views on security. "We're missionaries, not mercenaries," he says.
CISOs Plan What to Buy With Funds From the Infrastructure Bill
CISOs welcome the cybersecurity funding allocated under the Infrastructure Investment and Jobs Act, but say it’s not perfect because it doesn't address a key issue: people.