Security analysts and threat hunters know the importance of IOCs – indicators of compromise. But EOCs – enablers of compromise – are just as important.
indicators of compromise
Podcast: Passwords are dying, but they’re not going anywhere
In-brief: Companies like Microsoft and Google have both unveiled initiatives that de-emphasize the traditional, static, alpha-numeric password in recent days. So is the password going the way of the horse and buggy? Don’t be so sure, says Robert Capps of the firm NuData. Capps thinks that passwords will be with us for the foreseeable future and that companies concerned about security need to do more than just find a more secure way to log-in.
Report: Hacking Crews are all APT now
In-brief:The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored “advanced persistent threat” groups, the firm FireEye said in its most recent M-Trends report.
Did NSA Hackers The Shadow Brokers have a Broker?
In-brief: analysis of the latest leak of sophisticated hacking tools by The Shadow Brokers suggests that the theft was an inside job, the security firm Flashpoint contends.
Don’t Be The DNC: An Introduction to Enterprise Threat Hunting
In-brief: The New York Times expose on the hack of the Democratic National Committee is a case study in how not to respond to a cyber attack. In this video interview with Tim Bandos of Digital Guardian, we talk about how to do it right. His new ebook on hunting digital threats in the enterprise explains that incident response doesn’t have to cost a fortune.
