Collecting Cyber-News from over 60 sources

Tag: blueteam

Threat-informed defense for operational technology: Moving from information to action

Apr 2, 2025 5:55 PM

by

Andy Stern

in SecurityNews

Tags: access, ai, attack, automation, blueteam, cloud, control, crime, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, finance, fortinet, framework, group, incident response, infrastructure, intelligence, law, malicious, malware, mitre, network, phishing, PurpleTeam, ransomware, RedTeam, resilience, risk, service, soar, strategy, tactics, technology, threat, tool, usa

The rise of cybercrime-as-a-service Today’s macro threat landscape is a flourishing ecosystem of cybercrime facilitated by crime-as-a-service (CaaS) models. Cybercriminal networks now operate like legitimate businesses, with specialized units dedicated to activities such as money laundering, malware development, and spear phishing. This ecosystem lowers the barrier to entry for cybercrime, enabling low-skilled adversaries to launch…
Insurance companies can reduce risk with Attack Path Management

Jan 24, 2025 12:22 AM

by

Andy Stern

in SecurityNews

Tags: access, attack, backdoor, blueteam, breach, business, credentials, credit-card, data, identity, insurance, login, microsoft, network, risk, social-engineering, technology, threat, tool, vulnerability

TL;DR Insurance companies host large amounts of sensitive data (PII, PHI, etc.) and often have complex environments due to M&A and divestitures Most breaches start with human error Fortune 500 companies rely on Microsoft Active Directory as a backbone for Identity and Access Management Attackers target Active Directory to move laterally and escalate privilege An Attack…
Top 10 cybersecurity misconfigurations: Nail the setup to avoid attacks

Dec 17, 2024 7:44 AM

by

Andy Stern

in SecurityNews

Tags: access, attack, authentication, awareness, blueteam, breach, cisa, cloud, computing, control, credentials, cyber, cybersecurity, data, data-breach, endpoint, exploit, extortion, firmware, incident response, infrastructure, intelligence, kev, malicious, malware, mfa, microsoft, monitoring, network, office, open-source, password, phishing, RedTeam, risk, service, software, supply-chain, threat, unauthorized, update, vulnerability, zero-day, zero-trust

While cybersecurity headlines are often dominated by the latest zero-day or notable vulnerability in a vendor’s software/product or open-source software library, the reality is that many significant data breaches have been and will continue to be due to misconfigurations.To underscore the serious of this issue, the US National Security Agency (NSA) and the Cybersecurity and…
Blue Team Con 2024: Sharing Security Insights and Defense Strategies in Chicago

Sep 11, 2024 12:37 AM

by

Andy Stern

in SecurityNews

Tags: blueteam, defense, skills, strategy

Key insights and defense strategies were shared at Blue Team Con 2024 in Chicago, where defenders gathered to advance their skills for fighting today’… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/blue-team-con-2024-sharing-security-insights-and-defense-strategies-in-chicago/
Red Team vs Blue Team vs Purple Team: Differences Explained

May 22, 2024 11:08 AM

by

Andy Stern

in SecurityNews

Tags: blueteam, PurpleTeam, RedTeam

First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/networks/red-team-vs-blue-team-vs-purple-team/

Tag: blueteam

Threat-informed defense for operational technology: Moving from information to action

Insurance companies can reduce risk with Attack Path Management

Top 10 cybersecurity misconfigurations: Nail the setup to avoid attacks

Blue Team Con 2024: Sharing Security Insights and Defense Strategies in Chicago

Red Team vs Blue Team vs Purple Team: Differences Explained