Incident Response

4 ways to use time to level up your security monitoring

2025-10-03 at 09:09 By Help Net Security SIEMs excel at correlating events and firing alerts, but their ingest pipelines can get overwhelmed when scaled. And because most SIEMs rely on general-purpose log storage platforms, even with lower-cost archive tiers, long-term retention at full fidelity […]

Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention

2025-09-29 at 14:37 By Eduard Kovacs The government has announced a support package, but a cybersecurity expert has raised some concerns. The post Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Building a stronger SOC through AI augmentation

2025-09-24 at 09:22 By Mirko Zorz In this Help Net Security interview, Tim Bramble, Director of Threat Detection and Response at OpenText, discusses how SOC teams are gaining value from AI in detecting and prioritizing threats. By learning what “normal” looks like across users and systems, AI helps

Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack

2025-09-24 at 01:55 By Associated Press JLR extended the pause in production “to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.” The post Jaguar Land Rover Says

HoundBytes Launches Automated Security Analyst

2025-09-22 at 15:02 By Eduard Kovacs The Romania-based company has launched WorkHorse and is preparing for a funding round to accelerate growth. The post HoundBytes Launches Automated Security Analyst appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Airport Cyberattack Disrupts More Flights Across Europe

2025-09-21 at 19:40 By Associated Press The cyberattack affected software of Collins Aerospace, whose systems help passengers check in, print boarding passes and bag tags, and dispatch their luggage. The post Airport Cyberattack Disrupts More Flights Across Europe appeared first on SecurityWeek. This article is an excerpt from

Cyberattack Disrupts Check-In Systems at Major European Airports

2025-09-21 at 18:31 By Associated Press The disruptions to airport electronic systems meant that only manual check-in and boarding was possible. The post Cyberattack Disrupts Check-In Systems at Major European Airports appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Jaguar Land Rover Operations ‘Severely Disrupted’ by Cyberattack

2025-09-03 at 13:15 By Ionut Arghire The automotive company said it disconnected its systems, which severely impacted both retail and manufacturing operations. The post Jaguar Land Rover Operations ‘Severely Disrupted’ by Cyberattack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Security Firms Hit by Salesforce–Salesloft Drift Breach

2025-09-03 at 13:06 By Ionut Arghire Hackers accessed customer contact information and case data from Salesforce instances at Cloudflare, Palo Alto Networks, and Zscaler. The post Security Firms Hit by Salesforce–Salesloft Drift Breach appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Using lightweight LLMs to cut incident response times and reduce hallucinations

2025-08-21 at 09:03 By Mirko Zorz Researchers from the University of Melbourne and Imperial College London have developed a method for using LLMs to improve incident response planning with a focus on reducing the risk of hallucinations. Their approach uses a smaller, fine-tuned LLM

How military leadership prepares veterans for cybersecurity success

2025-08-15 at 09:47 By Mirko Zorz In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans with the mindset, resilience, and strategic thinking needed to excel in cybersecurity. Drawing on habits such

PLoB: A Behavioral Fingerprinting Framework to Hunt for Malicious Logins

2025-08-06 at 19:48 By Kevin Townsend Splunk researchers developed a system to fingerprint post-logon behavior, using AI to find subtle signals of intrusion. The post PLoB: A Behavioral Fingerprinting Framework to Hunt for Malicious Logins appeared first on SecurityWeek. This article is an excerpt from

Smart steps to keep your AI future-ready

2025-08-01 at 09:36 By Mirko Zorz In this Help Net Security interview, Rohan Sen, Principal, Cyber, Data, and Tech Risk, PwC US, discusses how organizations can design autonomous AI agents with strong governance from day one. As AI becomes more embedded in business ecosystems, overlooking agent-level security can

Open Source CISA Tool Helps Defenders With Hacker Containment, Eviction

2025-07-31 at 17:02 By Ionut Arghire The tool includes resources to help organizations during the containment and eviction stages of incident response. The post Open Source CISA Tool Helps Defenders With Hacker Containment, Eviction appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Clorox Sues Cognizant for $380 Million Over 2023 Hack

2025-07-24 at 15:11 By Eduard Kovacs Clorox is blaming Cognizant for the 2023 cyberattack, claiming that the IT provider handed over passwords to the hackers. The post Clorox Sues Cognizant for $380 Million Over 2023 Hack appeared first on SecurityWeek. This article is an excerpt from


World Health Organization CISO on securing global health emergencies

2025-07-21 at 08:49 By Mirko Zorz In this Help Net Security interview, Flavio Aggio, CISO at the World Health Organization (WHO), explains how the organization prepares for and responds to cyber threats during global health emergencies. These crises often lead to an increase in phishing scams,

United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack

2025-07-16 at 18:45 By Mike Lennon Cyberattack disrupted UNFI’s operations in June; company estimates $50–$60 million net income hit but anticipates insurance will cover most losses. The post United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack appeared first on

DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total 

2025-07-15 at 16:04 By Eduard Kovacs Cloudflare has published its quarterly DDoS threat report for Q2 2025 and the company says it has blocked millions of attacks. The post DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total appeared first on SecurityWeek.

Kanvas: Open-source incident response case management tool

2025-07-09 at 07:31 By Mirko Zorz Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators a place to work with SOD (Spreadsheet of Doom) or similar files, so they can handle key tasks without jumping between different

Exposure management is the answer to: “Am I working on the right things?”

2025-07-08 at 09:07 By Mirko Zorz In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment