"Because of how Uber's PM ran our #bugbounty program, the moment the reporter reached out, I was able to respond effectively." Melanie Ensign @Wednesday on the value of collaboration in #securitycomms #cybersecurity #incidentresponse #CriticalPointWarStories

https://youtu.be/8Ltyei5e1UI

Vulnerability Patching Lag Exposes 91% of Organizations to Known Threats

The alarming truth is that 91% of organizations are leaving themselves exposed to known threats due to a vulnerability patching lag, with only 9% able to remediate high-severity flaws within a critical 24-hour window. This delay is not just a statistic - it's a recipe for disaster, with organizations that…

https://osintsights.com/vulnerability-patching-lag-exposes-91-of-organizations-to-known-threats?utm_source=mastodon&utm_medium=social

#VulnerabilityManagement #PatchManagement #EmergingThreats #CyberHygiene #IncidentResponse

𝐕𝐚𝐜𝐚𝐭𝐮𝐫𝐞 – 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐒𝐩𝐞𝐜𝐢𝐚𝐥𝐢𝐬𝐭 𝐢𝐧𝐜𝐢𝐝𝐞𝐧𝐭 𝐫𝐞𝐬𝐩𝐨𝐧𝐬𝐞 & 𝐭𝐞𝐬𝐭𝐞𝐧

Sta jij stevig in je schoenen tijdens een cyberincident? En krijg je energie van incident response en het testen van security-maatregelen? In deze functie help je zorgorganisaties bij het detecteren, analyseren en herstellen van cyberincidenten.

➡️Nieuwsgierig of direct solliciteren? Check de vacature en reageer: https://z-cert.nl/werken-bij/security-specialist-incident-response-testen

#vacature #cybersecurity #incidentresponse #werkenbijzcert

Ransomware groups now move from breach to exfiltration in hours — not days.

The attack chain still has breakpoints. We cover where to break it. 

🇬🇧 https://zurl.co/AeIfU
🇩🇪 https://zurl.co/8FMQO

#CyberResilience #NIS2 #IncidentResponse #Cybersecurity

🚨 Ongoing ClickFix Campaign Alert 🚨

Threat actors are using fake browser/app update prompts to trick users into running malicious PowerShell scripts (Win+R → Ctrl+V).

Block & monitor these defanged IoCs:

🔹 amalgama[.]lat
🔹 bearman[.]bond
🔹 burunduktracker[.]xyz
🔹 cosmostars[.]shop
🔹 lenders[.]digital
🔹 megamegalodon[.]click
🔹 merindashop[.]cyou
🔹 mob[.]lanjut[.]in
🔹 moll[.]lanjut[.]in

#ClickFix #ThreatIntel #CyberSecurity #InfoSec #Malware #IOC #DFIR #ThreatHunting #BlueTeam #SOC #CTI #DetectionEngineering #IncidentResponse #OSINT #PowerShell #WindowsSecurity

So, what's our collective #infosec take on how well #AI is working in #IR / #incidentresponse ?

On one hand, storytelling and contextualizing, acting decisively on poor data, and changing direction radically if someone has a good data point, is core to response management.

OTOH, I can think of no worse situation to lean on a word salad generator tuned to what has been popular buzzwords in the security media glossies the last decade(s).

"The reality is that #incidentresponse is not that different from product sprints," says Melanie Ensign @Wednesday. "A resilient organization should be able to ebb and flow and put together the right people at the right time." #cybersecurity #CriticalPointWarStories

https://youtu.be/8Ltyei5e1UI