Why We Wrote ‘The Threat Intelligence Handbook: Second Edition’

November 14, 2019 • Zane Pokorny

Today, cyber threats are coming from everywhere — the open web and dark web, but also partners and other third parties, brand attacks, and internal threats — and digital business risk is at an all-time high. This leaves everyone who lacks a true, comprehensive view of their entire threat landscape vulnerable. Recorded Future’s goal is to provide that comprehensive view to help you reduce your risk.

Tpmfail: a timing attack that can extract keys from secure computing chips in 4-20 minutes

Daniel Moghimi, Berk Sunar, Thomas Eisenbarth and Nadia Heninger have published TPM-FAIL: TPM meets Timing and Lattice Attacks, their Usenix security paper, which reveals a pair of timing attacks against trusted computing chips (“Trusted Computing Modules” or TPMs), the widely deployed cryptographic co-processors used for a variety of mission-critical secure computing tasks, from verifying software updates to establishing secure connections.

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief overview of each of the tools that utilize the power of the cloud. In upcoming posts, we’ll cover each tool in-depth and elaborate on techniques and procedures used by the team.

Why Security ‘Next Quarter’ is Worse than No Security

Over the past several years, my team and I have engaged in countless discussions with IT and business leaders of mid-market organizations. They are often looking to improve their security posture, adhere to regulatory compliance, or report to their management/board on the steps they are taking to prevent being all over the news over a cybersecurity breach. Typically, the technical leaders we’re speaking with, IT Managers, Directors, and VPs, recognize the need for enhanced security. Yet, they have a hard time securing budget, or convincing “the business” that this is a necessary expenditure. As such, cybersecurity initiatives tend to take a ‘back seat’ to other more prominent projects, especially ones with an easier-to-measure ROI and TTV (time to value). We are often told: “Guys, we love this! We understand the value proposition, the service is unlike any we’ve seen, and your price is reasonable… but, let’s chat again next quarter.”

NCSC-NZ Releases Annual Cyber Threat Report

The New Zealand National Cyber Security Centre (NCSC-NZ) has released their annual report detailing cyber threats and incidents affecting New Zealand from July 2018 to June 2019. During this period, NCSC-NZ recorded an increase in the severity of cybersecurity incidents—particularly from state-sponsored threat actors. NCSC-NZ provides enhanced cybersecurity services to New Zealand Government and organizations of national significance against cybersecurity threats.

Understanding CVSS v3.1

By: WhiteSource Research Team

The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of software and hardware security vulnerabilities. Its quantitative model aims to ensure consistent and accurate measurement while enabling users to see the underlying vulnerability characteristics that were used to generate the scores.

There is a Skills Shortage, But it isn’t Your Real Problem

During my undergraduate days, I recall hearing that the Bell System was slow to deploy automated dialing. While smaller local phone companies allowed callers to dial a number directly from their phone, the Bell System continued to rely on switchboard operators into the 1930s. In fact, early phones did not have numbers to dial at all – you simply toggled the handset switch and asked the operator; when she came on (female switchboard operators were believed to be more patient and polite than men), she would plug your line into the line of the person you wanted to call.

What Is Next Generation SIEM? 8 Things to Look For

The SIEM market has evolved and today most solutions call themselves “Next Generation SIEM.” An effective NG SIEM should provide better protection and, equally important if not more so, a much more effective next-gen user experience. What should you look for when evaluating a next generation SIEM?

Earthquake Conspiracy Theorists Are Wreaking Havoc During Emergencies

On an early Friday morning in November 2018, the ground gave way in Anchorage, Alaska. At 8:29 a.m., a magnitude 7.1 earthquake hit just north of the city. Street lights blinked off, highways began to buckle, and buildings shook as enormous cracks opened in the walls and floors, coughing plumes of dust into the air. Later that day, photojournalist Marc Lester used a small plane to capture a chilling photo of Vine Road, a major artery, fractured like a puzzle, detritus scattered across it like broken toys.