#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News

Threat Intelligence | Breaking Cybersecurity News | The Hacker News

Category — Threat Intelligence
Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future

Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future

Nov 25, 2024
As I usually say: 'attackers are lazy'. In other words, they always follow the path of least resistance. As defenders catch up with their tactics, techniques, and procedures, the asymmetric gap between offensive and defensive capability shrinks, pushing attackers to shift their battlefield strategy, perpetuating a game that repeats over and over again. Take, for example, endpoint protection. For the last few years, endpoint protection, detection, and response have been the centerpiece of security strategies. As modern endpoint security products get better at anticipating threats based on AI-based engines, providing richer visibility and more contextual detection capabilities, attackers are pivoting away from them, looking for 'blind spots' in your architecture, leveraging vulnerabilities and misconfigurations in network devices, supply chains, and even firmware embedded deep within devices, areas where security visibility is limited. This trend is particularly significant due to the ...
How Does Threat Intelligence Apply to SaaS Security? And Why You Should Care

How Does Threat Intelligence Apply to SaaS Security? And Why You Should Care

Sept 16, 2024
In just a few clicks, any SaaS app can turn into a company's go-to system for collaboration, record keeping, CRM, workflow organization, marketing, human resource management, and more. These apps can also act as footholds from which threat actors can pivot into corporate environments and steal critical data.  The rapid adoption of SaaS apps is outpacing the implementation of necessary security measures. The rise in attacks—such as account takeovers and credential leaks—highlights this gap. On the users' end, the responsibilities include taking a security-first approach to account configuration i.e., continuously monitoring for access risks and emerging threats to their data. But with so many users, so many apps and so much data, it's easier said than done.  What leaves companies exposed to data breaches and leaks is the lack of clarity, context, and prompt action. Security teams must make a massive effort to research threats, filter the relevant ones, assess the impact of p...
Leveraging AI as a Tool in Threat Management

Leveraging AI as a Tool in Threat Management

Jun 03, 2024
From the moment it hits the wire—be it MISP or Mandiant—the value and efficacy of cyber threat intelligence (CTI) begins to decay for the organizations that intend to consume it. The data that was once essential for evaluating and reducing risk becomes dated and less helpful as adversaries constantly adapt their tactics, techniques, and procedures (TTPs).  We refer to this as ' threat intelligence decay .' Meanwhile, the NCSC have reported that threat actors have begun leveraging artificial intelligence, with an expectation that they will soon be using AI to evolve and enhance existing TTPs. This advent of AI is exacerbating the challenge of threat intelligence decay. Information that was once a golden nugget of defense can quickly turn into fool's gold, leaving organizations exposed to new threats. When we look at one of the most practical applications that threat intelligence has in an organization—the threat management process—it's frightening how much these problems are co...
Cybersecurity Resources