Threat Hunting

By cliangNo Comments
Suddenly, new market jargon "threat hunting" is spreading around under cybersecurity domain. It is a kind of proactive measure to uncover if your environment has already been penetrated and critical info are being exfiltrated. This kind of exercise is best executed by 3rd party periodically, because: If this is due to insider threat, it won't be surfaced In-house workforce might have assumption for certain things that won't go wrong Periodic check is for assurance because the threat hunting only spots situation at a particular point in time and its past, it cannot predict the future A more holistic approach is to augment this threat hunting exercise with workforce and business process strengthening to identify vulnerabilities for effective risk reduction....
Read More

Spam

By cliangNo Comments
Everything in the world is relative. For some, spam mails are annoying and try to filter them off the mailbox as spams usually associate with unsolicited sales or phishing attack. But for others, spam are considered as valuable resources. Honeypots are setup to collect spams, analyze and understand the trend, the TTP (Tactics, Techniques, and Procedures) of phishers in order to bring up awareness and counter-measures....
Read More