You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks. (arXiv:2311.10197v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Cyberattacks have grown into a major risk for organizations, with common
consequences being data theft, sabotage, and extortion. Since preventive
measures do not suffice to repel attacks, timely detection of successful
intruders is crucial to stop them from reaching their final goals. For this
purpose, many organizations utilize Security Information and Event Management
(SIEM) systems to centrally collect security-related events and scan them for
attack indicators using expert-written detection rules. However, as we show by
analyzing a set of widespread …