<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">

Attackers incriminate a signed Oracle process for DLL hijacking, running Mimikatz

With application whitelisting being integrated into an OS’s security stack, attackers need more creative ways to use their tools without getting detected. In this incident observed by Cybereason, DLL hijacking was used to run Mimikatz using a process that was signed and verified by Oracle.

The associated expenses that add to the cost of a ransomware attack

ransomware

The associated expenses that add to the cost of a ransomware attack

We reviewed a few prominent ransomware attacks to see how much these incidents really cost organizations. While security executives factor in the ransom and the cost of recovering data, there are additional expenses - like business lost due to downtime - that need to be considered.

Attackers incriminate a signed Oracle process for DLL hijacking, running Mimikatz

security research

Attackers incriminate a signed Oracle process for DLL hijacking, running Mimikatz

With application whitelisting being integrated into an OS’s security stack, attackers need more creative ways to use their tools without getting detected. In this incident observed by Cybereason, DLL hijacking was used to run Mimikatz using a process that was signed and verified by Oracle.

China increases attacks against US companies as trade war looms

cybersecurity

China increases attacks against US companies as trade war looms

The looming trade war with the U.S. could have prompted China to resume cyberespionage attacks against U.S. companies, violating a 2015 agreement that banned such campaigns. Does this mean that China has abandoned the deal, or will it once again honor the terms if the trade dispute is settled? We talked to Ross Rustici, Cybereason's Senior Director of Intelligence Services, to get his take.

Cybereason CISO Interview Series: Why security leaders need more than technical skills

CISO

Cybereason CISO Interview Series: Why security leaders need more than technical skills

Mario Duarte, vice president of security at Snowflake Computing, learned the importance of aligning security and the business very early in his career. As a 20-something new to security, he thought his keen technical skills would be enough to help him thrive. Then the dotcom bubble burst.

Now that security leaders have been invited into the boardroom, what do they say?

CISO

Now that security leaders have been invited into the boardroom, what do they say?

SEC guidance around cybersecurity means that security leaders will be talking to their boards and fellow executives more on how to mitigate cyberrisk. But having a seat at the table presents CISOs and CSOs with a new challenge: what do they say to show that they're aligned with the business?

How information security department can prepare to meet GDPR’s 72-hour breach reporting deadline

GDPR

How information security department can prepare to meet GDPR’s 72-hour breach reporting deadline

The General Data Protection Regulation’s breach notification mandate is likely to impact an organization’s information security program. Under GDPR, once a breach is discovered, organizations have 72 hours to provide authorities with extensive details on the incident, including what type of data was stolen, who was impacted and what remediation measures are being taken. Here are the technical and procedural steps that companies should take to meet this deadline and avoid GDPR’s substantial fines.

How the Israel Defense Forces' approach to diversity can help ease the security talent crunch

security hiring

How the Israel Defense Forces' approach to diversity can help ease the security talent crunch

Unit 8200, an elite division in the Israel Defense Forces, doesn't look for typical backgrounds when recruiting for security positions. Here's what the security industry can learn from this practice and how it can help ease the talent crunch.

Color Revolutions, Broken Promises and Hubris: Why North Korea Cannot Survive Under Orange-Tinted Glasses

north korea

Color Revolutions, Broken Promises and Hubris: Why North Korea Cannot Survive Under Orange-Tinted Glasses

The complete eradication of nuclear weapons and ICBMs from North Korea as a precondition for economic relief and other enticements creates an untenable position for Kim Jong-Un. Every step along the path to denuclearization reduces the regime’s ability to compel the U.S. to abide by its end of the bargain while increasing the U.S.’ ability to operate as it sees fit.

Five reasons why banning USB drives is a good security practice

cybersecurity

Five reasons why banning USB drives is a good security practice

IBM banning its employees from using removable storage devices, like USB sticks, received broad media coverage, even though the US CERT warned against using USB drives in 2011. Why are USB and other removal drives still relevant and why is it a good idea to not use them?

How ransomware attacks have changed one year after Wannacry and NotPetya

WannaCry

How ransomware attacks have changed one year after Wannacry and NotPetya

Nearly a year after the NotPetya and Wannacry attacks, ransomware is no longer used in widespread attacks against indiscriminate targets. Instead, attackers are using this malware in more focused, targeted campaigns.