Building an Alert System Using Snowflake

During my time here at Silverfort, I was tasked with building an alert system to send messages from our Snowflake database directly to a Slack channel. Easy enough, I thought to myself ...

Superior Integrity Monitoring: Getting Beyond Checkbox FIM

If File Integrity Monitoring (FIM) were easy, everyone would be doing it. Actually, it is pretty easy. It’s not exactly rocket science. Practically anyone with a modicum of Python, Perl or development skills can ...

Securing the Financial Sector Now and Into the Future with XDR

Figuring out if your organization is under attack is typically a time-consuming, labor-intensive affair. Analysts must gather data across multiple security tools and perform careful analysis, a process that can take hours, ...

Getting the most out of your NIDS

By Jon Natkins, Product Manager, Corelight. Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...

Robust Indicators of Compromise for SUNBURST

There has been a great deal of confusion regarding what network-based Indicators of Compromise (IOC) SolarWinds Orion customers can use to self-assess whether or not they have been targeted after ...

One Step Beyond: Using Threat Hunting to Anticipate the Unknown

Article by Paul German, CEO, Certes Networks. A cyber threat could be lurking in any corner of an organisation’s infrastructure. The complex networks encompassing numerous smart and interconnected technologies make it easy for ...

Behavioral analysis versus artifacts/IOC’s

Tags: AI, EDR, IOC, ML
Much of our defensive architecture today is based on the ability to extract indicators of compromise from logs, packet data and flow data and the monitoring of processes on the system. While ...

Oh, BTW, The Russians Cyberattacked the U.S. Critical Infrastructure

While we have been distracted by the dalliances of an errant president, the exfiltration from Facebook of personal information belonging to a gazillion users, and the use of those data to influence ...

Toolsmith Release Advisory: Malware Information Sharing Platform (MISP) 2.4.52

Tags: IOC, MISP, STIX, Threat Intelligence
7 OCT 2016 saw the release of MISP 2.4.52. MISP, Malware Information Sharing Platform and Threat Sharing, is free and open source software to aid in sharing of threat and cyber security indicators. An ...