The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Cynet

Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR

Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR
June 15, 2022The Hacker News
Breaches don't just happen to large enterprises. Threat actors are increasingly targeting small businesses. In fact,  43%  of data breaches involved small to medium-sized businesses. But there is a glaring discrepancy. Larger businesses typically have the budget to keep their lights on if they are breached. Most small businesses ( 83% ), however, don't have the financial resources to recover if they are a victim of an attack.  These small security teams were getting lost in the shuffle...until now.  The rise of XDR  As the threat landscape changes and bad actors continue to evolve their tactics, the industry is responding with new solutions and approaches to the way we do cybersecurity. The most recent evolution of cybersecurity technology is extended detection and response (XDR). There's no doubt you've heard of it. But do you have a firm grasp on what it really is and its unique value? If you shook your head "no" – you aren't alone. Industry exper

[Template] Incident Response for Management Presentation

[Template] Incident Response for Management Presentation
May 25, 2022The Hacker News
Security incidents occur. It's not a matter of "if," but of "when." That's why you implemented security products and procedures to optimize the incident response (IR) process. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more challenging task. Feels familiar? In many organizations, leadership is not security savvy, and they aren't interested in the details regarding all the bits and bytes in which the security pro masters.  Luckily, there is a template that security leads can use when presenting to management. It's called the  IR Reporting for Management template , providing CISOs and CIOs with a clear and intuitive tool to report both the ongoing IR process and its conclusion. The IR Reporting for Management template enables CISOs and CIOs to communicate with the two key points that management cares about—assurance that the incid

[eBook] Your 90-Day MSSP Plan: How to Improve Margins and Scale-Up Service Delivery

[eBook] Your 90-Day MSSP Plan: How to Improve Margins and Scale-Up Service Delivery
May 18, 2022The Hacker News
To cash in on a thriving market, a managed security service provider (MSSP) must navigate unprecedented competition and complex challenges. The good news is that demand is through the roof. 69% of organizations plan to boost spending on cybersecurity in 2022.  The bad news is that everyone wants a piece of the pie. MSSPs must outshine each other while fending off encroachments by traditional IT vendors and MSPs. As a result, some MSSPs are succumbing to the squeeze of low margins. Others are struggling to scale successfully.  The most successful MSSPs are taking action to improve their current financial position while laying a foundation for long-term growth. A new eBook, " Your 90-Day MSSP Plan: How to Improve Margins and Scale Up Service Delivery ," to help MSSPs understand the current cybersecurity landscape, their current position in it, what you they're well, and where they can improve the most.  This nine-step plan offers a clear path for MSSPs to boost profitab

[White Paper] Social Engineering: What You Need to Know to Stay Resilient

[White Paper] Social Engineering: What You Need to Know to Stay Resilient
May 11, 2022The Hacker News
Security and IT teams are losing sleep as would-be intruders lay siege to the weakest link in any organization's digital defense: employees. By preying on human emotion, social engineering scams inflict billions of dollars of damage with minimal planning or expertise. Cybercriminals find it easier to manipulate people before resorting to technical "hacking" tactics. Recent research reveals that social engineering is leveraged in 98% of attacks. As the rapid, ongoing acceleration of remote work raises the stakes, security leaders are fighting back with education and awareness. Resources developed by experts, like this new white paper — " Social Engineering: What You Need to Know to Stay Resilient " — identify the most common tactics, track how these types of attacks are evolving, and provide tips to protect organizations and their end-users. These insights not only inform security practitioners of the latest tactics and emerging threats, but help employees unde

[eBook] The Ultimate Security for Management Presentation Template

[eBook] The Ultimate Security for Management Presentation Template
April 20, 2022The Hacker News
Are you a CISO, CIO, or IT Director? In your role, you're responsible for breach protection – which means you oversee and govern the process of designing, building, maintaining, and continuously enhancing your organization's security program.  But getting buy-in from leadership can be difficult when they are a non-technical audience. On top of managing your organization's breach protection activity 24/7, you have to find time to figure out how to effectively articulate the risks, potential impacts, and appropriate steps necessary in a way that will convince leadership to invest in the resources required to keep your organization safe. Compounding this is the fact that, while you are focused on things like malware, exploits, and network traffic – your leadership is primarily concerned with operational loss and calculated risk.  How do you bridge the gap and help leadership understand your priorities and your team's business impact? You must identify the security i

Webinar: How The Right XDR Can Be a Game-Changer for Lean Security Teams

Webinar: How The Right XDR Can Be a Game-Changer for Lean Security Teams
April 13, 2022The Hacker News
Extended detection and response (XDR) is expected to be the future of cybersecurity, merging security technologies with the evolving approach to the way we do cybersecurity. And while many organizations are scrambling to integrate XDR into their cybersecurity strategies – even more are still trying to figure out what XDR really is and if it's even the right solution for their organization.  But there are some organizations that are getting lost in the debate and are wondering if there is a place for them in this new frontier of cybersecurity: organizations with lean security teams and limited resources.  Fortunately, Cynet, a cybersecurity company, is hosting an upcoming webinar in partnership with Enterprise Strategy Group (ESG) that will explore how choosing the right XDR can be impactful for companies lean security teams [ register here ]. During the webinar, Jon Oltsik, Senior Principal Analyst with ESG, and George Tubin, Director of Product Strategy at Cynet, will cover:  Lea

Cyber Security WEBINAR — How to Ace Your InfoSec Board Deck

Cyber Security WEBINAR — How to Ace Your InfoSec Board Deck
April 06, 2022The Hacker News
Communication is a vital skill for any leader at an organization, regardless of seniority. For security leaders, this goes double. Communicating clearly works on multiple levels. On the one hand, security leaders and CISOs must be able to communicate strategies clearly – instructions, incident response plans, and security policies. On the other, they must be able to communicate the importance of security and the value of having robust defenses to the C-level.  For CISOs and other security leaders, this latter skill is crucial but often overlooked or not prioritized. A new webinar: " How to ace your Infosec board deck ," looks to shed light on both the importance of being able to communicate clearly with management, and key strategies to do so effectively. The webinar will feature a conversation with vCISO and Cybersecurity Consultant Dr. Eric Cole, as well as Norwest Venture Partners General Partner Dave Zilberman.  More so than just talking about the dollar value of a sec

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition
April 01, 2022The Hacker News
Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukranian infrastructure targets. To ensure cybersecurity providers are battle ready, MITRE Engenuity uses real-world attack scenarios and tactics implemented by threat groups to test security vendors' capabilities to protect against threats – the MITRE ATT&CK Evaluation. Each vendor's detections and capabilities are assessed within the context of the  MITRE ATT&CK Framework. This year, they used the tactics seen in Wizard Spider and Sandworm's during their evaluation simulations. And MITRE Engenuity didn't go easy on these participating vendors. As mentioned before – the stakes are too high, and risk is growing. The 2022 results overview To think about it simply, this MITRE ATT&CK Ev

Use This Definitive RFP Template to Effectively Evaluate XDR solutions

Use This Definitive RFP Template to Effectively Evaluate XDR solutions
March 23, 2022The Hacker News
A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the evolution of Endpoint Detection and Response (EDR) solutions. Because XDR represents a new solution category, there is no single accepted definition of what capabilities and features should (and shouldn't) be included. Each provider approaches XDR with different strengths and perspectives on how what an XDR solution should include. Therefore, selecting an XDR provider is quite challenging as organizations must organize and prioritize a wide range of capabilities that can differ significantly between providers. Cynet is now addressing this need with the Definitive RFP Template for XDR solutions ( download here ),

The Incident Response Plan - Preparing for a Rainy Day

The Incident Response Plan - Preparing for a Rainy Day
March 09, 2022The Hacker News
The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening.  Just as it wasn't raining when Noah built the ark, companies must face the fact that they need to prepare - and educate the organization on - a well-thought-out response plan if a successful cyberattack does occur. Obviously, the worst time to plan your response to a cyberattack is when it happens. With so many companies falling victim to cyberattacks, an entire cottage industry of Incident Response (IR) services has arisen. Thousands of IR engagements have helped surface best practices and preparedness guides to help those that have yet to fall victim to a cyberattack.  Recently, cybersecurity company Cynet provided an  Incident Response plan Word template  to help com

LIVE Webinar: Key Lessons Learned from Major Cyberattacks in 2021 and What to Expect in 2022

LIVE Webinar: Key Lessons Learned from Major Cyberattacks in 2021 and What to Expect in 2022
March 02, 2022The Hacker News
With the COVID-19 pandemic continuing to impact, and perhaps permanently changing, how we work, cybercriminals again leveraged the distraction in new waves of cyberattacks. Over the course of 2021 we saw an increase in multiple attack approaches; some old, some new. Phishing and ransomware continued to grow from previous years, as expected, while new attacks on supply chains and cryptocurrencies captured our attention. We also saw an uptick in critical Windows vulnerabilities, again proving that no matter how many vulnerabilities are found, more will always exist.  As we enter 2022, we are seeing novel attacks originating from the conflict in Ukraine, which will certainly make their way into criminal attacks on worldwide businesses. In an upcoming webinar ( register here ), Cybersecurity company Cynet will provide an in-depth review of the high-profile attacks we saw in 2021 and provide guidance to cybersecurity professionals for 2022. What are the top cyberattacks in 2021 that Cyn

[Webinar] When More Is Not Better: Solving Alert Overload

[Webinar] When More Is Not Better: Solving Alert Overload
February 16, 2022The Hacker News
The increasing volume and sophistication of cyberattacks have naturally led many companies to invest in additional cybersecurity technologies. We know that expanded threat detection capabilities are necessary for protection, but they have also led to several unintended consequences. The "more is not always better" adage fits this situation perfectly. An upcoming webinar by cybersecurity company Cynet ( register here ) sheds light on alert overload, the result of too many alerts. Beyond discussing the stress and strain placed on cybersecurity teams trying to sift through an ongoing barrage of threat alerts, Cynet shows how this situation actually degrades cybersecurity effectiveness. Then Cynet will talk about the way out – something important to almost every company suffering from alert overload. The Real Impact of Alert Overload It's interesting that threat alerts, which are so vital to protection have also become an obstacle. Cynet lays out two key reasons why this has come about

Cynet Log4Shell Webinar: A Thorough - And Clear - Explanation

Cynet Log4Shell Webinar: A Thorough - And Clear - Explanation
February 04, 2022The Hacker News
Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache Log4j, a Java library widely used to log error messages in applications. Beyond patching, it's helpful and instructive for security practitioners to have a deeper understanding of this most recent critical vulnerability. Fortunately, Cynet Senior Security Researcher Igor Lahav is hosting a webinar [ Register here ] to provide "buzzword free" insights into Log4Shell. Based on a webinar preview provided by Cynet, the discussion will cover the software bugs in Apache Log4j that permitted the critical vulnerability, the exploits used to take advantage of the vulnerabilities and the remediation options available to protect your organization. This webinar will help make sense of the so

Cynet's Keys to Extend Threat Visibility

Cynet's Keys to Extend Threat Visibility
February 02, 2022The Hacker News
We hear about the need for better visibility in the cybersecurity space – detecting threats earlier and more accurately. We often hear about the dwell time and the time to identify and contain a data breach. Many of us are familiar with IBM's Cost of a Data Breach Report that has been tracking this statistic for years. In the 2021 report, IBM found that, on average, it takes an average of 212 days to identify a breach and then another 75 days to contain the breach, for a total of 287 days. A new  solution overview document  provides insights on how XDR provider Cynet tackles the difficult problem of greatly improving threat visibility. Cynet takes a modern approach that includes a greater level of native technology integration and advanced automation purposely designed for organizations with smaller security teams than Fortune 500 organizations. A live webinar will discuss the same topic ( Register here ) Cynet's Keys for Threat Visibility Einstein said that the definition of i

Cyber Threat Protection — It All Starts with Visibility

Cyber Threat Protection — It All Starts with Visibility
January 19, 2022The Hacker News
Just as animals use their senses to detect danger, cybersecurity depends on sensors to identify signals in the computing environment that may signal danger. The more highly tuned, diverse and coordinated the senses, the more likely one is to detect important signals that indicate danger. This, however, can be a double-edged sword. Too many signals with too little advanced signal processing just leads to a lot of noise. The right, diverse set of signals with highly evolved signal processing leads to survival. It therefore makes sense that broad threat visibility across the IT environment is fundamental for detecting cyberattacks. Cybersecurity company Cynet puts this in perspective in a new eBook,  The Guide for Threat Visibility for Lean IT Security Teams – link to this . The Ongoing Problem of Limited Threat Visibility The complexity of today's IT environments has made it exceedingly difficult to protect. The defensive perimeter has expanded with an expanded remote workforce, incr

XDR: Redefining the game for MSSPs serving SMBs and SMEs

XDR: Redefining the game for MSSPs serving SMBs and SMEs
January 12, 2022The Hacker News
SMBs and SMEs are increasingly turning to MSSPs to secure their businesses because they simply do not have the resources to manage an effective security technology stack. However, it's also challenging for MSSPs to piece together an effective but manageable security technology stack to protect their clients, especially at an affordable price point. This is where Extended Detection and Response (XDR) comes in and can help MSSPs boost their profitability from SMB and SME and improve their protections. XDR is heating up within the MSSP market as these security service providers stand to gain tremendous financial and operational benefits from this nascent technology. XDR promises far better security outcomes at a lower cost than the current security stack approaches most MSSPs currently have in place. One sticky point that keeps arising in the XDR discussion has to do with the different technology approaches XDR providers rely upon to deliver platform capabilities. Most of us have heard

Cynet's MDR Offers Organizations Continuous Security Oversight

Cynet's MDR Offers Organizations Continuous Security Oversight
December 15, 2021The Hacker News
Today's cyber attackers are constantly looking for ways to exploit vulnerabilities and infiltrate organizations. To keep up with this evolving threat landscape, security teams must be on the lookout for potential risks around the clock. Since most organizations simply cannot afford to have 24x7 security teams, managed detection and response (MDR) services have become a critical aspect of any modern security stack.  Most organizations must find outsourced MDR providers on top of their existing solutions, but that's not always a feasible solution. XDR provider Cynet offers its MDR service ( learn more here ), which the company calls CyOps, as part of its offering. The service is much more than simply a help desk, though. CyOps offers a thorough MDR service that offers both monitoring and threat hunting, as well as incident response in cases where an attack is successful.  How CyOps operates The key selling point for CyOps MDR is that it enhances organizations' security a

[eBook] Guide to Achieving 24x7 Threat Monitoring and Response for Lean IT Security Teams

[eBook] Guide to Achieving 24x7 Threat Monitoring and Response for Lean IT Security Teams
December 08, 2021The Hacker News
If there is one thing the past few years have taught the world, it's that cybercrime never sleeps. For organizations of any size and scope, having around-the-clock protection for their endpoints, networks, and servers is no longer optional, but it's also not entirely feasible for many. Attackers are better than ever at slipping in undetected, and threats are constantly evolving.  Teams can't afford to take a minute off, but they also can't manage the massive security necessary to defend most organizations. A new eBook by XDR provider Cynet ( download here ) breaks down this challenge and offers some solutions for lean security teams looking for ways to improve their detection and response capabilities.  The guide strikes an optimistic tone for lean IT security teams. Though the challenges are expansive – including talent shortages, an ever-expanding threat surface, and rising security tool prices – organizations can still find smart and effective ways to stay protected 24x7. Why 2

Webinar and eBook: The Dark Side of EDR. Are You Prepared?

Webinar and eBook: The Dark Side of EDR. Are You Prepared?
November 23, 2021The Hacker News
Endpoint Detection and Response (EDR) platforms have received incredible attention as the platform for security teams. Whether you're evaluating an EDR for the first time or looking to replace your EDR, as an information security professional, you need to be aware of the gaps prior already to implementation so you can best prepare how to close the gaps. It's important to understand that each company is unique, and an EDR that a large company uses might not necessarily be the technology that works best when you are leading a small security team, even if you're within the same industry vertical. Understanding your threat detection technology requirements based on your unique company characteristics will help you choose the right one.  The eBook and webinar "The Dark Side of EDR. Are You Prepared?" helps you in that requirement definition process. It points out the dark side(s) of EDR and provides guidance as to how to overcome them according to your company'

On-Demand Webinar: Into the Cryptoverse

On-Demand Webinar: Into the Cryptoverse
November 17, 2021The Hacker News
In the span of a few years, cryptocurrencies have gone from laughingstock and novelty to a serious financial instrument, and a major sector in high-tech. The price of Bitcoin and Ethereum has gone from single dollars to thousands, and they're increasingly in the mainstream.  This is undoubtedly a positive development, as it opens new avenues for finance, transactions, tech developments, and more. Unfortunately, no innovation is without its dark side, and the crypto industry is no exception. A new webinar from XDR provider Cynet ( you can see it here ) dives deeper into this dark corner to explore the intersection of cybersecurity and cryptocurrency.  The first question is how, exactly, cryptocurrency creates security vulnerabilities for organizations. There's no single answer, and in many cases, the results are more indirect. This bears closer inspection, and the webinar, led by Cynet  CyOps Analyst  Ronen Ahdut, studies the different ways cryptocurrencies are used by attackers.  I
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.