Microsoft’s John Lambert said today at Kaspersky Lab’s Security Analyst Summit that today’s network defenders need to be pliable, share threat information, and view their network dependencies as attackers do.
At the Security Analyst Summit, Kaspersky Lab researchers unveiled three cybercrime outfits—Metel, GCMAN, and Carbanak 2.0—targeting Russian banks with APT-style tactics.
Advanced attacks against industrial control systems are intelligence gathering operations in order to learn the inner workings of ICS infrastructure to facilitate sabotage.
At last week’s Security Analyst Summit Kris McConkey, part of PricewaterhouseCoopers’ UK Cyber Threat Operations team, discusses OpSec failures: How attackers are still humans and make mistakes like sometimes using personal email addresses and real names in their campaigns.
Dennis Fisher and Mike Mimoso discuss their takeaways from the SAS 2015 conference, including the Equation Group APT analysis, hacking car washes, indexing the dark web and hacking home appliances.
In this video from last week’s Security Analyst Summit, HackerOne’s Katie Moussouris explains the main thing companies that want to start a bounty program or vulnerability incentive program need to know: There is no one size fits all.
Trey Ford from Project Sonar describes the group’s initiative at Kaspersky’s Security Analyst Summit. The Rapid 7 service scans public-facing networks for apps, software, and hardware, then analyzes that cache of information to gain insight to trends and common vulnerabilities.
Dennis Fisher talks with Costin Raiu of the Kaspersky Lab GReAT team about the researcher behind the Equation Group campaign, the group’s capabilities and why they seem to have gone dark now.
Looking in one of the more obscure corners of the web, Billy Rios discovered how to hack automated car wash equipment.
In a talk Monday Christofer Hoff stressed that in security and martial arts alike, it’s hard to be a skilled defender if you don’t understand how your adversaries pull off the attacks.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
