all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Why Detecting Behaviors, Not IOCs, Beats Zero-Days

Add to bookmarks
June 9, 2023, 6:55 p.m. | /u/blumira

cybersecurity www.reddit.com

Blumira first detected and alerted on the MOVEit exploitation of CVE-2023-34362 on May 28th, 2023 — three days ahead of the MOVEit vulnerability announcement, allowing the customer to quickly respond.Detecting on behaviors (TTPs) rather than on specific indicators of compromise (IOCs) alone such as file hashes, IP addresses, or domain names is a no brainer.

Since attackers can easily swap out their IOCs, it’s more difficult for defenders to detect them.While it’s fairly simple for attackers to hide from AV …

addresses announcement blumira compromise customer cve cve-2023-34362 cybersecurity domain domain names exploitation file hashes indicators of compromise iocs ip addresses may moveit names quickly respond ttps vulnerability zero-days

Visit resource

More from www.reddit.com / cybersecurity

I think I blew my last interview 2 hours ago | www.reddit.com
cybersecurity hello interview interviewing +4
On a scala of 0-10 how severe would you rate database credentials (root) in a … 8 hours ago | www.reddit.com
attachments code credentials cybersecurity +8
Half of Americans Support TikTok Ban, Poll Finds 10 hours ago | www.reddit.com
ban cybersecurity poll support +2
Another major pharmacy chain shuts following possible cyberattack 11 hours ago | www.reddit.com
canada cyber cyberattack cybersecurity +7
Jobs being outsourced 13 hours ago | www.reddit.com
analyst cybersecurity doing hello +12
Top cybersecurity stories for the week of 04-29-24 to 05-03-24 14 hours ago | www.reddit.com
ciso cyber cyber security cybersecurity +8
How to Detect a GIFshell Attack: Step-by-Step Guide 18 hours ago | www.reddit.com
attack cybersecurity detect gifshell +1
5 Methods Useful To Discover APIs 19 hours ago | www.reddit.com
apis cybersecurity discover
Germany acuses Russia of cyberattack on governing party – DW 21 hours ago | www.reddit.com
cyberattack cybersecurity germany party +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs