Aggregator
PowerSchool's Breach Fallacy: Paying Criminals for Promises
Data breach victim PowerSchool, maker of a widely used K-12 student information system platform, has been attempting to assure schools, and parents and guardians, by saying its attacker has promised to delete the stolen data. What's the old saying about those who fail to learn from history?
Live Webinar | 10 Strategies to Tackle Alert Fatigue with Smarter SOC
Google DeepMind's Consolidation, World Modelling Initiatives
Google is restructuring its artificial intelligence teams and forming a new division under its DeepMind unit. Both the AI Studio team and the Gemini API team will now be run under DeepMind, a shift Google says will make DeepMind's work more accessible to the public.
Rhysida
Below the Surface Winter 2024 Edition – The Year in Review
The Year of the Typhoon Highlights from this edition:
The post Below the Surface Winter 2024 Edition – The Year in Review appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
The post Below the Surface Winter 2024 Edition – The Year in Review appeared first on Security Boulevard.
Minimizing Risk & Driving Growth: Insights from Sumeet Sabharwal at Build IT 2024
At the recent Build IT 2024 event, our partner Sumeet Sabharwal from Netgain Technology, LLC participated in a compelling panel discussion. He shared valuable insights into the strategic decisions behind building their own solutions rather than reselling or white-labeling. Watch the full panel discussion below to gain more insights: Core Competency and Margin Excellence Sumeet
The post Minimizing Risk & Driving Growth: Insights from Sumeet Sabharwal at Build IT 2024 appeared first on Seceon Inc.
The post Minimizing Risk & Driving Growth: Insights from Sumeet Sabharwal at Build IT 2024 appeared first on Security Boulevard.
Funksec Ransomware has an announcement
[Darknetlive Archive] Four Facing Prison for Selling Drugs on Hansa Market
New Web3 attack exploits transaction simulations to steal crypto
New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)
After a long, long, long writing effort … eh … break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.”
As a reminder (and I promise you do need it; it has been years…), the previous 4 papers are:
- “New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5)” [please consider rereading this before reading the new one!]
- “New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4)”
- “New Paper: “Future of the SOC: SOC People — Skills, Not Tiers” (Paper 2 of 4)”
- “New Paper: “Future of the SOC: Forces shaping modern security operations” (Paper 1 of 4)”
When facing the question of whether to evolve or optimize a Security Operations Center (SOC), security leaders have numerous risks and rewards to consider. Disruptions to normal operations, migration challenges, compatibility issues, advantages of new technologies, and learning curves for the teams involved are among the many important factors to consider.
Previously in our “Future of the SOC” series, we explored the conditions in which security leaders could transform SOC tools and practices vs conditions in which leaders could double down and improve their existing tooling and ways. Specifically, in our “Future of the SOC: Evolution or Optimization — Choose Your Path,” we laid out a decision matrix to help navigate the decision on whether to change or stay.
However, when we wrote the previous paper, lots of people asked us: OK, we ran through the process and the process led us to the need to transform (rather than optimize) our SOC. How do we go about it? Are there boosters or amplifiers for this? Are there related projects you can latch onto, as this whole transformation business is just hard? This is exactly what we cover here in our current paper.
Specifically, we explore the change decision tree through the lens of three common scenarios as drivers for transformation: Cloud migration, Managed Detection and Response (MDR) adoption, and DevOps evolution.
Future of SOC paper 4.5
My favorite quotes:
- “As organizations migrate to the cloud, there’s a notable shift from endpoint-centric security models to a broader focus on data correlation and aggregation facilitated by SIEM and SOAR technologies. This shift is crucial for adapting to the dynamic, distributed nature of cloud environments and for effectively managing the increased complexity and profusion of security data. ” [A.C. — in less polite terms, “EDR-huggers” need to either push their EDR vendors to do real, not-endpoint-centric Cloud D&R or stop hugging…]
- “Shadow operations teams: Observe the incumbent service providers’ operations teams and/or the Customer Operations team in their day-to-day activities to understand and document lessons learned, known issues, exception scenarios, priorities, and dependencies” [A.C. — in this MDR-centric transformation the point is actually … getting better by learning from them, not doing the “four letter o” word … “outsourcing” :-) ]
- “The main challenge is that when the IT counterpart to security is much faster (hours vs. months, in some cases), security needs to “speed up or shut up.” Agile IT with 1990s-style slow security will fight, and the modern approach (IT) will normally win… putting the organization at risk.” [A.C. — never bet against inertia in large enterprise IT!]
- “A modern SOC should be an integral part of the DevOps ecosystem. It should prioritize speed, automation, and a mindset that treats security as an essential component of the development process from the outset. ” [A.C. — this sounds cliche, but security should not fight DevOps, but learn and adopt from it]
The paper is full of gems that go far beyond these quotes. Go and read it, but do consider rereading the previous paper before doing so.
Related blog posts:
- “New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5)”
- Video version of this (slides)
- “New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4)”
- “New Paper: “Future of the SOC: Forces shaping modern security operations””
- “New Paper: “Future of the SOC: SOC People — Skills, Not Tiers””
- “New Paper: “Autonomic Security Operations — 10X Transformation of the Security Operations Center””
- WTH is Modern SOC, Part 1
- Baby ASO: A Minimal Viable Transformation for Your SOC
- Original ASO paper (2021)
New Paper: “Future of SOC: Transform the ‘How’” (Paper 5) was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.
The post New Paper: “Future of SOC: Transform the ‘How’” (Paper 5) appeared first on Security Boulevard.
The Right to Code: Free Software Activists Win a Landmark Court Case
RansomHub
Navy Shadows Russian Submarine and Corvette in the North Sea
RansomHub
Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #320 – Aligning Teams
via the respected Software Engineering expertise of Mikkel Noe-Nygaard and the lauded Software Engineering / Enterprise Agile Coaching work of Luxshan Ratnaravi at Comic Agilé!
The post Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #320 – Aligning Teams appeared first on Security Boulevard.