Response News, Articles and Updates

Rapid detection and response to replace emphasis on perimeter

"You won't become a great defender without attack capability. As a goalkeeper you need to play against the best to improve." Red teaming simulations part of AI tool learning process to identify truly malicious events.

Botched firmware patches: Six tips to avoid the pain

OEMs don't have the luxury of passing off failures like Meltdown and Spectre to customers as it impacts reputation and revenues. However, there are steps organisations can take to help protect both their business and customers.

A step through guide on how to mitigate a cyber-attack

The prospect of a cyber-attack on any organisation can be very daunting. However, if you have the processes, contacts and a strong response plan at the ready, the situation can be dealt with much more effectively.

Splunk acquires Phantom Cyber for US$ 350 million (£255 million)

Splunk has entered into an agreement to acquire Phantom Cyber Corp in a US$ 350 million (£255 million) cash and stock deal.

Proposed Pentagon plan sees nuclear response to some cyber-attacks

A massive and crippling cyber-attack upon the United States' infrastructure could elicit a nuclear response under a newly drafted strategy that has been presented to President Trump.

Retailers still in need of data breach response plan

A recent survey showed that surprisingly, a large percentage of retailers still have no data breach response plan in place.

The evolution of analytics in threat detection

Cyber threats are evolving quickly. Fortunately, so is incident detection and response (IDR), powered by data, explains Eric Sun, with techniques such as honeypots identifying suspect behaviour.

WannaCry - North Korea blamed by UK; NHS didn't follow recommendations

National Audit Office (NAO) report says NHS trusts were left vulnerable to the unsophisticated WannaCry attack because NHS chiefs ignored cyber-security recommendations. UK Government holds North Korea responsible.

Has WannaCry trashed reputations of leading cyber-security vendors?

During a recent chat, Ian Trump - also known as phat_hobbit on Twitter - said the cyber-security industry had some difficult questions to answer in the wake of WannaCry.

The right way to respond to cyber-security threats is to be proactive

Gavin Russell discusses why having a defined cyber-response process is important, and why it should be proactive, covering all likely outcomes.

Okta research says slow tech upgrades put companies at risk

Research from security company Okta is claiming that companies which aren't agile on technology upgrades are putting themselves at risk of cyber-attacks.

Hacker claims to breach Amazon server, Amazon disagrees

A security researcher claims to have hacked an Amazon server and dumped the information of tens of thousands of users online. Even though several sources appear to speak for the data's legitimacy, Amazon says it's nonsense.

36% of organisations have no cyber-attack response plan in place

An alarming 36 percent of businesses have yet to develop a cyber-attack response plan.

IP EXPO: Responsibility and blaming the victim

Today's panel at IPEXPO discussed the common bad habit of blaming the victim rather than the criminals who committed the crime.

SC Congress: Responding to a breach

Sarb Sembhi, Thomas Naylor, Thomas Whipp and Matt Holland joined forces at SC Congress to teach a willing audience how to respond to a breach.

Video: Insurance industry 'will drag cyber-security into the light'

Rapid 7's Trey Ford calls for organisations to share data on security breaches to inform investigations, with regulation if necessary, while Rapid 7's 2015 Incident Detection Response Survey catalogues current concerns.

SC: Video Interview: Bankers v hackers with Dr Luke Hebbes

Security professionals can't afford to work in isolated bubbles when the attackers are openly sharing information about system vulnerabilities, says Dr Luke Hebbes, Kingston University, in our SC: Video Interview series.

NCA leads international cyber-crime exercise with FBI and Europol

Silver Shadow draws together authorities from eight countries to test response by US and European law enforcement to a large scale cyber-attack.

How to prepare for the inevitable: SC Roundtable sponsored by FireEye Mandiant

No one wants to plan for a breach, but it's what you ought to do if you want to minimise the costs, data losses and reputational damage when the inevitable happens, hence the avid pre-planning at last week's SC roundtable.

SC Roundtable sponsored by Venafi: how to respond to a breach - successfully

Industry leaders gathered this week in the City of London's Sky Garden to discuss that most pressing of issues: How to respond to a breach - successfully.

Netgear patch delay left thousands of routers under attack

A Netgear router vulnerability remained unpatched for months after it was discovered by security researchers, leaving thousands of the devices under active attack.

Incident response - time is of the essence

Cyber-attacks are a top threat to organisations today; however, despite an increased effort to keep up with the rising scale and complexity of threats, IT teams are struggling to defend their networks, says Mike Smart.

Why your IR team should be more like Scooby Doo

If you want to get incident response right you need to channel Chuck Norris and become a bit more like the Scooby Doo team, says SANS instructor Steve Armstrong.

Alert fatigue: When your security system cries 'wolf.'

Too many false positives inevitably reduce response times - and even response numbers - so raise the verification bar and thereby limit them, says Chandra Sekar.

Organisations are compromised - time to Respond!

In the wake of successful cyber-attacks, and security incidents taking down some of the biggest brands on the planet, impacting critical infrastructure and banking systems alike, it may be asserted that, when it comes to technology, by evidenced implication, it would seem to be exposed, fragile and vulnerable.

Russia to establish new cyber-threat response centre

A new state centre for cyber-threat response is being established in Russia this year, expected to be formally approved in March according to a Russian Parliament spokesperson talking to

The science behind DDoS extortion

Don't capitulate, have a plan in place, and of course, prevention is better than cure when it comes to tackling the prospect of DDoS ransom attacks, says Dan Holden.

RSA Conference: RSA launches additions to Security Analytics and managed service model

RSA has announced the launch of new software and services to defend and mitigate against attacks.

European Commission calls for collaboration and incident sharing

The European Commission's plan for a secure and open internet depends on national security strategies and cooperation.

Java security lead admits problems in platform and need to improve communications

After a widely reported zero-day vulnerability affecting Java and another rumoured to be trading for $5,000, Oracle has admitted that there has been a 'relative silence on the issue' around Java security.