< ciso
brief />
Tag Banner

All news with #incident response tag

247 articles · page 13 of 13

Fortinet Supports INTERPOL in Operation Serengeti 2.0

🛡️Fortinet supported INTERPOL’s Operation Serengeti 2.0 by providing preemptive threat intelligence—IOCs, command-and-control data, and forensic insights—that helped plan and execute cross-border takedowns. Conducted June–August 2025 with 18 African nations and nine private partners, the operation led to 1,209 arrests, dismantling of 11,432 malicious infrastructures, and recovery of $97.4 million. Fortinet also contributed investigator training and capacity building to sustain disruption efforts.
read more →

INTERPOL Arrests 1,209 Cybercriminals in Africa Sweep

🔎 INTERPOL coordinated a multi-country crackdown that led to the arrest of 1,209 suspected cybercriminals across 18 African nations, targeting schemes that affected roughly 88,000 victims. The operation, the second phase of Operation Serengeti carried out between June and August 2025, recovered about $97.4 million and dismantled 11,432 malicious infrastructures. Private-sector partners including Group-IB and TRM Labs contributed intelligence on cryptocurrency fraud and ransomware links.
read more →

AWS Security Incident Response Adds ITSM Integrations

🛡️ AWS Security Incident Response now integrates with popular ITSM platforms like Jira and ServiceNow, offering bidirectional synchronization for issues, comments, attachments, and case updates. The connectors are provided as open-source projects on GitHub with sample code, deployment instructions, and implementation best practices. A modular design and technical documentation make it straightforward to extend support to additional ITSM targets and to leverage AI assistants for rapid customization.
read more →

Frenemies in Cybersecurity: Balancing Competition & Sharing

🤝 In a Threat Vector podcast, Michael Sikorski and Michael Daniel of the Cyber Threat Alliance discuss how competing vendors must nonetheless collaborate to counter shared threats. Daniel recalls how pooled observations during the 2017 WannaCry outbreak revealed its worm-like propagation and accelerated industry response. He emphasizes that the main obstacles to sharing are human—culture, legal risk, and lack of executive prioritization—and that concrete guardrails (antitrust-compliance statements, embargo protocols, and equal treatment) build the trust needed for timely intelligence exchange. The post cautions that as adversaries adopt AI and automation, systematic collaboration is essential.
read more →

Talos and NetHope Equip NGOs with Tailored TTX Decks

🔐 Talos, in collaboration with NetHope and Cisco Crisis Response, developed a customized Backdoors & Breaches expansion deck to help humanitarian aid NGOs improve incident response and proactive security within constrained budgets. The cards model real-world challenges—forced relocation, limited connectivity, and scarce resources—to make tabletop exercises practical and relevant for both technical and non-technical teams. Hundreds of physical decks have been distributed and a U.S.-focused edition was created with NGO-ISAC for domestic organizations. Resources and virtual play options are provided to lower barriers to adoption and scale training.
read more →

CISA Releases Open-Source Eviction Strategies Tool

🛡️CISA published a no-cost Eviction Strategies Tool, developed with MITRE, to help cyber defenders build tailored incident response plans and adversary eviction strategies within minutes. The package includes COUN7ER, a database of atomic post-compromise countermeasures, and the Cyber Eviction Strategies Playbook NextGen web app to match findings to countermeasures. It exports results in JSON, Word, Excel and markdown and is available under the MIT Open Source License.
read more →

AWS Security Incident Response: Accelerating IR Lifecycle

🛡️ AWS Security Incident Response is a Tier 1, AWS-native service launched in December 2024 to accelerate detection, triage, and containment of security incidents. It integrates with Amazon GuardDuty, AWS Security Hub, and AWS Systems Manager, supports partner integrations, and enables escalation to AWS CIRT. The service centralizes findings, automates monitoring and intelligent triage to reduce false positives, and offers prebuilt containment playbooks and APIs to compress MTTR and coordinate cross-account response.
read more →