Anton on Security

NOVEMBER 6, 2023

In my mind, “Decoupled SIEM” is a way to deliver Security Information and Event Management (SIEM) technology where the data management (a) and threat analysis (b) are provided by different vendors. So, the topic is so-called “decoupled SIEM” (I probably made up the term, but …hey… at least this is not an acronym like EDR so YMMV).

Engineering 245

Engineering Data collection Threat Detection Technology 245

Cisco Security

AUGUST 26, 2021

With the addition of Kenna Security into our program we now have over 250 technology partners and over 400 integrations for our mutual customers to utilize. An integration with Cigent Technology is now available for Secure Endpoint customers to integrate with. Kenna has a healthy 3rd Party ecosystem of technology partners.

Technology 143

Technology Firewall VPN Authentication 143

Pen Test

DECEMBER 10, 2024

Reverse engineering is the process of deconstructing a product or system to understand its design, architecture, and functionality. The primary goal of reverse engineering is to analyze how a system works, identify its components, and uncover any underlying principles or mechanisms.

Engineering 70

Engineering Artificial Intelligence Software Malware 70

SecureList

JULY 9, 2024

” This and the fact that SOC teams forever play the long game, having to respond with limited resources to a changing threat landscape, evolving technology and increasingly sophisticated malicious actors, makes managing efforts to develop detection logic an integral part of any modern SOC’s activities.

Engineering 116

Engineering DNS Technology Accountability 116

Anton on Security

JANUARY 20, 2022

One of the most notorious and painful problems that has amazing staying power is of course that of data collection. I remember how our engineers struggled in 2002 with some API-based collection from a known firewall vendor. If you are curious, what did people care about those days?

Technology 211

Technology Engineering Data collection Firewall 211

SecureList

NOVEMBER 29, 2024

CloudSorcerer is a sophisticated cyber-espionage tool used for stealth monitoring, data collection and exfiltration via Microsoft, Yandex and Dropbox cloud infrastructures. The data collected about the targets’ companies and contact information could be used to spy on people of interest and lay the groundwork for future attacks.

Energy and Utilities 104

Energy and Utilities Ransomware Malware Government 104

Security Affairs

OCTOBER 27, 2023

How residential proxies using real IPs from diverse locations enable businesses to gather comprehensive and accurate data from the web Since the adoption of the first digital tools and connection to the internet, the competitive business environment has revolutionized and transformed the ways modern companies conduct business operations.

Marketing 130

Marketing Data collection Internet Internet 130

Adam Shostack

JANUARY 2, 2025

[no description provided] [Update: Steve Bellovin has a blog post ] One of the major pillars of science is the collection of data to disprove arguments. That data gathering can include experiments, observations, and, in engineering, investigations into failures.

InfoSec 130

InfoSec Data collection Engineering Cyber Attacks 130

Security Boulevard

DECEMBER 10, 2021

SOC Technology Failures?—?Do Most failed Security Operations Centers (SOCs) that I’ve seen have not failed due to a technology failure. Let’s stick to mostly technology focused failures. An astute reader will notice that in the list below, some of the purported technology failures are really process failures in disguise.

Technology 59

Technology CISO Data collection Threat Detection 59

CyberSecurity Insiders

SEPTEMBER 22, 2022

To that end MSSPs add new technology to their security offering stack with the hopes that prospective customers will see this addition as an opportunity to outsource some, or all, of their security monitoring. The one technology I am referring to specifically is your SIEM.

Data collection 139

Data collection Technology Threat Detection Marketing 139

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. Super Bowl Sunday watchers are treated to no fewer than a half-dozen commercials for cryptocurrency investing. ” SEPTEMBER.

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Security Affairs

OCTOBER 15, 2018

To secure the traffic they need, scammers ensure that their websites appear at the top of search engine results: 96% of users click on links found on the first page displayed by search engines. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC.

Marketing 104

Marketing Phishing Media Engineering 104

SecureList

SEPTEMBER 24, 2024

Types of web tracking Web tracking can be classified into several categories based on the methods and technologies employed: Cookies Cookies are small text files that websites place on a user’s device to store information about their visits, such as login credentials, preferences, and tracking identifiers.

Advertising 130

Advertising Technology Marketing Media 130

Security Boulevard

JANUARY 20, 2022

One of the most notorious and painful problems that has amazing staying power is of course that of data collection. I remember how our engineers struggled in 2002 with some API-based collection from a known firewall vendor. If you are curious, what did people care about those days? date: 2002, source ).

Technology 138

Technology Engineering Data collection Firewall 138

Security Affairs

OCTOBER 9, 2024

Conversational AI platforms are designed to facilitate natural interactions between humans and machines using technologies like Natural Language Processing (NLP) and Machine Learning (ML). Bots can collect valuable data from user interactions, which can be analyzed to gain insights into customer preferences and behaviors.

Social Engineering 124

Social Engineering Risk Identity Theft Technology 124

Malwarebytes

AUGUST 3, 2022

The open database is a logging database the company, Ningbo Jus Internet Technology , uses to keep track of app bugs and errors. It also houses hundreds of gigabytes of data and is hosted on a Huawei cloud server in China. Sen said anyone can access the data using a web browser if they have the right IP address.

Internet 101

Internet Internet Data collection Technology 101

Krebs on Security

JULY 18, 2022

“Our technology ensures the maximum security from reverse engineering and antivirus detections,” ExEClean promised. All VPN providers claim to prioritize the privacy of their users, but many then go on to collect and store all manner of personal and financial data from those customers.

VPN 358

VPN Computers and Electronics Antivirus Software 358

SecureList

DECEMBER 2, 2022

It is a highly demanding activity, which requires time, multidisciplinary skills, efficient technology, innovation and dedication. We have been doing so since 2008, benefiting from Kaspersky’s decades of cyberthreat data management, and unrivaled technologies. VirusTotal ), network system search engines (e.g.,

Cyber threats 131

Cyber threats DNS Data collection Technology 131

eSecurity Planet

SEPTEMBER 24, 2021

Rapid7 combines threat intelligence , security research, data collection, and analytics in its comprehensive Insight platform, but how does its detection and response solution – InsightIDR – compare to other cybersecurity solutions? How Does InsightIDR Work? Gartner Magic Quadrant and Gartner Peer Insights.

DNS 131

DNS Technology Cybersecurity Data collection 131

Malwarebytes

JANUARY 9, 2023

These latest revelations come from the same researcher, Sam Curry, and his collective of car technology explorers and investigators. Last time around we saw how publicly available data that was visible on a car was being tied back to telematics, and how that data could reveal an awful lot of information about the car owner.

Manufacturing 98

Manufacturing Data collection Social Engineering Firmware 98

Security Affairs

MARCH 5, 2019

Organizations will store their petabytes of “internal security telemetry” on Google cloud platform and use Google machine learning and data analytics technologies to analyze it and scan for malicious activities. Companies could use this data to quickly detect malicious activities. Your data remains private?—?it

DNS 106

DNS Cyber threats Advertising Data collection 106

SecureWorld News

JUNE 16, 2023

The EU is attempting to provide guardrails on a technology that is still not well understood but does present a lot of concerns from a legal perspective," said Jordan Fischer, cyber attorney and partner at Constangy, who recently moderated a panel discussion on "The Future of Privacy and Cyber: AI, Quantum and Mind Readers" at SecureWorld Chicago.

Artificial Intelligence 98

Artificial Intelligence Technology CISO Government 98

Malwarebytes

AUGUST 3, 2022

The open database is a logging database the company, Ningbo Jus Internet Technology , uses to keep track of app bugs and errors. It also houses hundreds of gigabytes of data and is hosted on a Huawei cloud server in China. Sen said anyone can access the data using a web browser if they have the right IP address.

Internet 90

Internet Internet Data collection Mobile 90

Thales Cloud Protection & Licensing

MARCH 7, 2021

Q2: The goal of gender equity in technology is to lead us to gender equality. I am seeing more and more women in our engineering teams, customers, partners, sales teams, offices of the CTO…a variety of roles where technical know-how is required. Q1: What is it like being a woman in the male-dominated field of engineering?

Encryption 96

Encryption Engineering Technology Data collection 96

The Last Watchdog

JULY 30, 2018

The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. And the cost of damage directly related to cybercrime is adding up, expected to reach $6 trillion by 2021.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

Approachable Cyber Threats

AUGUST 2, 2021

social engineer a mobile provider employee to facilitate a SIM swap). Users must be better protected from the outset, and the only way to ensure that is to impose significant restrictions on data collection and usage by companies seeking to monetize or use it to their asymmetric benefit in any way.

Data collection 98

Data collection Media Mobile Identity Theft 98

CyberSecurity Insiders

SEPTEMBER 29, 2021

Section 40122: Energy Cybersense Program —The Secretary, in consultation with the Secretary of Homeland Security and the heads of other relevant Federal agencies, shall establish an Energy Cyber Sense program to test the cybersecurity of products and technologies intended for use in the energy sector, including in the bulk-power system.

Energy and Utilities 108

Energy and Utilities Cybersecurity Technology Architecture 108

SecureWorld News

NOVEMBER 26, 2024

With advancements in AI technologies like large language models (LLMs), mixed-reality systems, and multi-modal generative frameworks, the boundary between human and machine capabilities is increasingly blurred. This partnership is unlocking new possibilities across fields such as healthcare, engineering, cybersecurity, and beyond.

Government 117

Government Healthcare Artificial Intelligence Technology 117

SecureWorld News

JULY 18, 2024

The federal push is working in moving the industry to ask for this for both first party in house as well as third party vendor developed software," said Saumitra Das, Vice President of Engineering at Qualys. However, a key issue is that it's important to assess the quality of your SBOM data collection."

Software 109

Software Risk Artificial Intelligence Accountability 109

SecureWorld News

JUNE 4, 2024

As high-profile data breaches and leaks continue making headlines, a new report from Massachusetts Institute of Technology (MIT) examines the triple-whammy of factors enabling this tidal wave of personal data theft. Infostealer attacks are on the rise, focusing on data collection rather than just hiding data behind encryption.

Data breaches 109

Data breaches Social Engineering Ransomware Backups 109

Malwarebytes

MAY 23, 2023

Practices highlighted included “hard to find” location settings, misleading descriptions of location settings, and “repeated nudging” to enable location settings alongside incomplete disclosures of Google’s location data collection.

Advertising 98

Advertising Accountability Data collection Engineering 98

eSecurity Planet

APRIL 26, 2022

As a leading VC, BVP offers budding companies plenty to consider, with a set of roadmaps and tools for today’s technologies and market complexities. Notable cybersecurity exits for the company include AVG Technologies, Cognitive Security, OpenDNS, and Carbon Black. Also read : Addressing Remote Desktop Attacks and Security.

Cybersecurity 128

Cybersecurity Technology Marketing Healthcare 128

eSecurity Planet

JANUARY 6, 2022

Fortinet notes that with the growing convergence of operational technology (OT) and IT at the network edge via remote access and IoT devices , “holding such systems and critical infrastructure for ransom will be lucrative but could also have dire consequences, including affecting the lives and safety of individuals.

Ransomware 136

Ransomware Cybersecurity Artificial Intelligence CISO 136

SecureList

APRIL 5, 2023

Fake TikTok login page generated by the phishing bot From an engineering standpoint, this is a rather primitive product of a basic phishing kit. When a scammer requests a phishing page from a Telegram bot, it forwards the request along with all required data to a utility that assembles pages from predefined packages and returns hyperlinks.

Phishing 144

Phishing Marketing Scams Accountability 144

SC Magazine

MARCH 10, 2021

According to thought leaders, the compromise of video data could result in intellectual property theft, physical security threats, privacy violations, extortion and perhaps regulatory punishment. They allegedly didn’t have control over the one account they needed to,” said Patrick Hunter, director of sales engineering, EMEA, at One Identity.

Surveillance 129

Surveillance IoT Accountability Hacking 129

Security Boulevard

JUNE 5, 2024

Thales excels in these rapidly advancing technologies that require privacy and data security and are eager to continue working with Google Cloud on them. With AI implementations, cybersecurity attacks can occur at different states of the AI pipeline including data collection, model creation and training, and at inference.

Encryption 72

Encryption Artificial Intelligence Technology Data collection 72

SecureList

SEPTEMBER 28, 2022

It is highly targeted and is usually delivered through social engineering, e.g., a target business may receive a call from a “technician” who insists that the company needs to update its PoS software. Warning from a PoS vendor about Prilex social engineering attacks. It all started with ATMs during a carnival celebration.

Malware 140

Malware Banking Software Encryption 140