SANS Top New Attacks and Threat Report
There are many places to find backward-looking statistics of how many attacks were launched in cyberspace. Forward-looking guidance areas that security managers should focus on are harder to find. In …
Comparing Images Such as Screenshots Using Perceptual Hashes
While investigating websites, analysts often acquire images, either as individual files from the sites or as screenshots (perhaps from Iris Investigate). The question is then “Can we identify images that …
The Impact of the SolarWinds Breach on Cybersecurity
Key Takeaways From the SolarWinds Breach The SolarWinds hack has presented a cybersecurity reckoning at a scale never before seen for the US government and private enterprises. While the width …
Domains That Begin With A Digit
Risk management is central to modern operational cybersecurity practice. DomainTools currently uses a proprietary machine learning model to compute risk scores for effective 2nd-level domains. This comparative case study looks …
Security Orchestration Automation and Response (SOAR) Buyer’s Guide
Research conducted by ESG found that 58% of organizations have a threat intelligence program, however with a reliance on manual processes and incompatible tools, organizations struggle to realize the value …
The DomainTools Report: Spring 2023 Edition
The most recent DomainTools Report examines hotspots of malicious Internet infrastructure by TLD, IP and name server ASN, IP hosting country, domain registrar, and SSL certificate issuer.
Security Information and Event Management (SIEM) Buyer’s Guide
What is Security Information and Event Management (SIEM)? Security Information and Event Management (SIEM) is an approach to security management that combines security information management (SIM) and security event management …
2022 Elastic Global Threat Report
This Elastic Global Threat Report is a product of Elastic Security Labs, our threat research branch with expertise in investigating computer network intrusions, analyzing malicious software, developing mitigations for broad categories of threats, and c…
Data Trustworthiness in the Energy Industry: Challenges, Risks, and Recommendations
The energy industry, like every other, is driven by myriad decisions, each of which depends on the best available data. In addition, the energy industry has multiple unique characteristics that challenge that data’s accuracy, quality, security, a…
Effective Strategies for Protecting Against Business Email Compromise (BEC)
While security tools have become more adept at detecting payloads in emails, attacks that lack known indicators and rely instead on impersonation/social engineering tactics are successfully bypassing these traditional controls and reaching inboxes. …
