Evaluate your SIEM requirements and expect more for advanced threat detection and response

Security information and event management (SIEM) technology is evolving to keep pace with the growing threat landscape. The Gartner Technology Insight for the Modern SIEM report breaks down myths and provides insights into the latest SIEM capabilities and key considerations for security practitioners grappling with whether to embrace, replace, or augment their SIEM platform.
We believe this report from Gartner will help you gain these insights:
*Technology Insight for the Modern SIEM, Toby Bussa, Kelly Kavanagh, Gorka Sadowski, 24 October 2018.
Despite a 31% decline in new malware, this quarter we saw bad actors striving to do what they do better—evolving their technologies and using new tactics to outmaneuver their targets' defenses.
Our latest findings include:
All politics aside, the United States Department of Justice on Friday unsealed a judicial indictment against a number of individuals alleged to be from Russia’s intelligence services engaged in activities in 2016.
Stepping outside of the context of this party or that party, and politics as a whole – McAfee’s CTO, Steve Grobman, noted, “Attribution is amongst the most complex aspects of cyberwar and the US government is in a unique position to make this attribution assessment. Technical forensics combined with information from trusted intelligence or law enforcement agencies are needed to provide confidence behind identifying actors in an attack or campaign. These indictments clearly show the US has reason to believe Russia interfered with the election process.”
The iPhone and many of the apps designed to live on the device have the ability to track our location. Whenever they set up these apps, however, users get the option to opt in or out of location tracking services. But what happens when a malicious campaign doesn’t give users the option to opt out of having their location tracked by cybercriminals? In fact, just this week, it has been discovered that iPhone users may be faced with that very possibility, as a sophisticated mobile malware campaign is gaining access to devices by tricking users into downloading an open-source mobile device management (MDM) software package.
The closest many of us get to the dark web is watching hackers surf it in television shows or movies. However, it is a very real place that contains lots of stolen data. This data, along with compromised systems, devices, and more, is often sold in underground marketplaces that exist on the dark web. One type of marketplace is called a remote desktop protocol (RDP) shop, which provides access to stolen systems for a small fee. Found in one of these RDP shops by McAfee’s ATR team: a major international airport’s security and building automation systems, which could be purchased for only $10 USD.
Security operations (SecOps) teams have some of the hardest jobs around. They are faced with growing volumes of security data: 77% of enterprises add one terabyte of security data a month.
Could you separate the signal from all that noise? Well, now you can put yourself in the place of a security analyst and find out. Introducing the “Separating the Signal from the Noise” interactive demo from McAfee.
“50% of organizations use more than one public cloud infrastructure vendor, choosing between Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform and a series of others”
In this blog post, we explore the history of cloud computing and security that has led us to our multi-cloud reality. Read it here.
In the post, we explore:
Per cloud security’s shared responsibility model, Office 365 customers are responsible for actions users take within the platform that compromise data, and Skyhigh has found the average enterprise experiences 2.7 such threats in the platform each month. This number includes compromised accounts, insider threats, and privileged user threats.