Indicators of compromise (IOCs) are incredibly important forensic artifacts which, as the name suggests, are used in incident response and threat research to discover whether a system has been compromised. They come in various forms, for example unusual outbound network traffic, an MD5 file in a temporary directory, or even log-in irregularities. One class of IOCs so far resistant to detection by traditional methods relates to the use of external content in web-based attacks.
At Black Hat Europe earlier today, Trend Micro senior security researcher Marco Balduzzi explained how a new machine learning approach can reap fantastic results for early detection of such threats.
Today’s IT security bosses are assailed from all sides by a huge variety of online threats. They’re designed to exploit known and unknown vulnerabilities across cloud, mobile, virtual and hybrid environments. And increasingly, they’re developed to outwit traditional signature-based tools. Yet the impact of these threats has never been greater. Data breaches and service outages can lead to heavy industry fines, damage to the brand, lost customers, remediation and clean-up costs, and even hefty legal bills.
That’s why we have developed a new statistics-based approach designed to learn as it goes to detect modern unknown threats. This XGen approach was revealed at Black Hat today by senior researcher Marco Balduzzi.
If there’s one word that perfectly sums up the past few weeks, it’s “uncertainty”. Many IT bosses have been left unsure about many things following the referendum result – not least whether they should continue efforts to comply with the European General Data Protection Regulation (GDPR) or assume this is no longer necessary. New Trend Micro research has reaffirmed that compliance is the way to go. Why? Because it reveals a British public fed up with data breaches and increasingly aware of the value of their own data and how it’s used.
If you want to find out more on this and other key security issues and trends of the moment, come down to our annual CLOUDSEC event in London on the 6th of September.
The US regulator, the Food and Drug Administration (FDA), has just released new security guidance for medical device manufacturers as part of a major push to improve information security in the healthcare sector there. With its recommendations to follow industry frameworks like NIST, improve information sharing and adopt best practices around vulnerability disclosures, it’s a long overdue and positive step from the agency. So what of the UK’s healthcare sector?
With the EU General Data Protection Regulation (GDPR) fast approaching, I’m afraid to say things are still far from where they should be. Healthcare is by a country mile the worst offender when it comes to data security incidents. It’s time that changed.