Tag Archive for: combined

How to Hunt for Ransomware with Combined PAN XSOAR Integrations



Here’s how to automate your file analysis routines and protect your valuable data from ransomware cyber criminals.

Through the years, ReversingLabs security solutions have been integrated with numerous third-party ecosystems and platforms, including IBM SOAR, Anomali ThreatStream, Splunk and Microsoft Azure cloud. Each integration is designed and developed to bring valuable ReversingLabs intelligence and data to users of as many cybersecurity platforms as possible.

The same goes for Palo Alto Networks Cortex XSOAR (XSOAR), a well-known and respected SOAR (Security Orchestration, Automation and Response) platform. There is a bundle of well-crafted threat analysis apps developed by ReversingLabs and available on the XSOAR Marketplace. SOAR platforms enable threat analysts to create their own workflows and reactions to various security-related situations and incidents using data enrichment apps, data feeds and action playbooks.


Here’s how each of the mentioned types of tools ReversingLabs offers can be used with XSOAR.

Indicator Feed App: The Source of Ransomware Intelligence

If you want to perform detailed analysis on a large indicator dataset using a SOAR platform, first you need to bring the data to the platform. ReversingLabs’ Ransomware and Related Tools Feed for XSOAR brings in data that is already analyzed, labeled and assigned a certain malware reputation. Each indicator in this data feed is related to an instance of ransomware found in the wild, or is otherwise connected to ransomware activity. Each indicator is connected either to an ongoing, or a very recent, ransomware campaign. This is where the value of such a feed lies: The data is derived from numerous sources providing fresh and relevant malware information.

The Ransomware and Related Tools Feed

ReversingLabs Ransomware and Related Tools Feed for XSOAR currently provides four types of indicators:

  • file hashes
  • IPv4 addresses
  • URLs
  • domains

These indicator types share a common set of metadata, and each also carries additional information specific to its type.

After installing and configuring the feed app, the indicators start flowing into XSOAR’s Threat Intel.

Figure 1: File hash indicator…


HackNotice Introduces the First-Ever Free Combined Security and Threat Awareness Service


Fremont, CA: HackNotice launched the world’s first security and threat awareness combination service, available to both new and current users. Individuals may expand their understanding of appropriate cyber hygiene practices by taking the additional security awareness training course. The course includes 50 instructional videos, a cybersecurity exam, and accreditation.

The new program is a wonderful addition for clients of HackNotice Teams, HackNotice’s security and threat awareness service, who are eager to boost their enterprise’s security programs. Quick, on-the-spot courses are ideal for engaging employees and business divisions inside an organization. Clients may also view dynamic statistics to see user and organizational progress and opportunities for development.

HackNotice is the first company-wide security awareness software that makes staff more careful when using the internet. Users monitor, review, and respond quickly to real-world cyber-threats. The HackNotice platform focuses on bridging the gap between the security staff and other workers through real-time warnings, round-the-clock monitoring, recovery advice, and extra education.

Cybersecurity training is primarily provided to corporate personnel, with rigorous, week-long seminars and lectures typically costing hundreds of thousands of dollars. On the other hand, having strong security awareness is essential for any individual. The newly published self-paced course ensures that everyone who has access to the internet may learn proper cyber practices.

HackNotice’s new course provides focused modules tailored to a user’s risk profile. “What makes the combined service great is that our threat modeling and security awareness course work together. When someone faces a large amount of personal information exposure, we recommend more phishing training. When someone has several passwords stolen, we have them focus on our password training. Now, users can receive the critical training that they need instantly, tailored to their specific risks,” said Steve Thomas, CEO and Co-Founder of HackNotice.

 


Twice as many desktops still running Windows XP than Windows 8, 8.1 combined

Tick-tock goes the clock, with less than a week remaining until April 8 and the end of XP support. It would seem like crooks should be gearing up for a huge party to celebrate the coming cybercrime spree since about “300 million” computers are still running Windows XP.
Ms. Smith’s blog