Whether it be threat hunting, an active defense posture or just improving security instrumentation alerts and logs an organization keeps, it’s best for every user — no matter the size — to be prepared for when a cybersecurity incident or breach occurs.
An active defense posture, where the defenders actively use threat intelligence and their own telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting for detections to trigger, defenders can take initiative and hunt threat actors.
As 2023 begins I wanted to look forward on the future of state sponsored aggression and how we can see it change and evolve over the next year and beyond.
Organizations must proactively limit supply chain risks through careful selection of the company they keep while preparing to respond to an incident that will invariably originate from the supply chain.
There are many ways to approach this growing threat, but here's why Talos feels intent-based protection is the best.
Cisco Talos examined several frequently used code repositories. We looked specifically at the security afforded to developer accounts, and how difficult it would be for an attacker to take over a developer account.
Over the past six months to a year, we have seen an increasing amount of incident response engagements involving malicious insiders and unwitting assets being compromised via social engineering.
In the wake of the U.S. Supreme Court’s ruling in Dobbs v. Jackson Women’s Health Organization that reversed previous interpretations of the 14th amendment on privacy from Roe v. Wade, users of sensitive health apps need to be mindful of the kinds of data these apps keep, sell and share.
The cybersecurity industry tends to focus on extremely large-scale or sophisticated, state-sponsored attacks. Rightfully so, as it can be the most interesting, technically speaking. When most people think of cybercrime they think of large-scale breaches because that’s what domin