Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-11-02 12:23:58 |
What Are the Most Common Attack Vectors for Ransomware? (direct link) |
There's been record growth of ransomware attacks in 2021. A recent report documented 304.7 million attack attempts in the first six months of the year, as reported by Threatpost. That's 100,000 more attempts than the total volume logged in all of 2020. |
Ransomware
|
|
|
|
2021-11-01 19:00:18 |
NOBELIUM Demonstrates Why Microsoft Is the Weakest Link (direct link) |
Microsoft platforms and products are ubiquitous. Government agencies and companies of all sizes and industries around the world rely on Microsoft software to get things done. They are also riddled with security weaknesses and vulnerabilities, which makes them a common--almost universal--vector for attacks. Microsoft is an Achilles heel that can make organizations vulnerable. |
|
|
|
|
2021-11-01 17:47:05 |
Conti Ransomware Gang Strikes 'Jeweler to the Stars' (direct link) |
What do Oprah Winfrey, Donald Trump, and David Beckham have in common? Apparently, they are all clients of Graff--known as the “Jeweler to the Stars” because of its clientele of Hollywood A-listers and affluent who's who in the world. Now they have something else in common--their personal details were leaked on the Dark Web by the Conti ransomware gang following an attack on Graff. |
Ransomware
|
|
|
|
2021-11-01 16:40:06 |
Video: Google Cloud and Cybereason Shift the XDR Paradigm to 'Detect and Anticipate' (direct link) |
Cybereason and Google Cloud recently entered into a strategic partnership to bring to market a joint solution, Cybereason XDR powered by Chronicle, in support of our joint mission to reverse the adversary advantage. |
|
|
|
|
2021-11-01 14:49:45 |
Ransomware Head to Head: Why Does Cybereason Anti-Ransomware Win Over SentinelOne? (direct link) |
Recent ransomware attacks have shown that stakes are high. One recent attack demanded a ransom of $70m in cryptocurrency, and it is estimated that organizations paid nearly $600 million in ransom payments in just the first half of 2021--more than the total for all of 2020. Building out an anti-ransomware strategy is not just a good idea anymore, it is imperative. However, there are quite a few vendors in the market, making the selection process difficult. Today, we'll break down why customers continually choose Cybereason, especially over competitors such as SentinelOne. |
Ransomware
|
|
|
|
2021-11-01 11:56:01 |
Malicious Life Podcast: In Defense of the NSA (direct link) |
The National Security Agency is one of the world's most formidable and powerful intelligence agencies. Some people fear that the NSA's advanced capabilities could one day be directed inwards instead of outwards. |
|
|
|
|
2021-10-29 15:49:18 |
(Déjà vu) Webinar November 11th: Live Attack Simulation - Ransomware Threat Hunter Series (direct link) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Threat
Ransomware
|
|
|
|
2021-10-28 13:00:12 |
(Déjà vu) THREAT ANALYSIS REPORT: Snake Infostealer Malware (direct link) |
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Threat
Malware
|
|
|
|
2021-10-28 12:47:56 |
CISO Stories Podcast: Five Mistakes Impacting Security and Privacy Policy Creation (direct link) |
Charles Cresson Wood set the 'gold standard' for policy guidance with the book Information Security Policies Made Easy, now in its 14th version. Wood has extensively researched what separates good processes from bad and has helped countless organizations develop and deliver sound policies that work to enable the business. Wood joins the podcast to discuss the five key mistakes teams make in creating and delivering impactful security and privacy policies for any organization - check it out... |
|
|
|
|
2021-10-28 12:00:00 |
(Déjà vu) Webinar: Live Attack Simulation - EMEA Ransomware Threat Hunter Series (direct link) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Threat
Ransomware
|
|
|
|
2021-10-27 17:25:51 |
(Déjà vu) THREAT ALERT: Malicious Code Implant in the UAParser.js Library (direct link) |
The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them. |
Threat
|
|
|
|
2021-10-27 12:39:34 |
What is XDR? Understanding Extended Detection and Response (direct link) |
XDR, shorthand for the product category of Extended Detection and Response, is a security approach that extends the power of EDR (Endpoint Detection and Response) capabilities to create integrated detection and response across not only endpoints, but also application suites, user personas, on-premises data centers as well as workloads hosted in the cloud. |
|
|
|
|
2021-10-26 15:21:56 |
Microsoft Publishes Veiled Mea Culpa Disguised as Research (direct link) |
The Microsoft Threat Intelligence Center (MSTIC) shared a report warning that NOBELIUM--the threat actor behind the SolarWinds attacks--is targeting delegated administrative privileges as part of a larger malicious campaign.
Microsoft cautions that attackers are attempting to gain access to downstream customers of multiple cloud providers, managed service providers (MSPs), and IT services organizations in what at first glance appears to be a standard threat intelligence report, but upon examination more closely resembles a technical vulnerability disclosure. |
Threat
Vulnerability
|
|
|
|
2021-10-26 15:13:47 |
EDR Buyer's Guide: Microsoft E5 Licenses and Security Risks (direct link) |
There is no shortage of options for security teams undergoing an evaluation of EDR and EPP solutions currently available to the market. With roughly 30 serious vendors focused specifically on EDR and EPP, the differences between them are vast with unique approaches and capabilities delivered by each. |
|
|
|
|
2021-10-26 12:57:41 |
(Déjà vu) An Operation-Centric Approach to RansomOps Prevention (direct link) |
Editor's Note: Unlock the knowledge, resources and expert guidance you need to successfully prevent ransomware attacks from impacting your organization's operations with this complimentary Ransomware Toolkit... |
Ransomware
|
|
|
|
2021-10-25 16:22:58 |
Webinar: Live Attack Simulation - Ransomware Threat Hunter Series (direct link) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Threat
Ransomware
|
|
|
|
2021-10-25 12:44:44 |
Malicious Life Podcast: Marcus Hutchins - A Controversial Hero (direct link) |
In May 2017, Marcus Hutchins - AKA MalwareTech - became a hero for stopping WannaCry, a particularly nasty ransomware that spread quickly all over the world. Yet his fame also brought to light his troubled past as the teenage Black Hat hacker who created KRONOS, a dangerous rootkit. Should a criminal-turned-hero be punished for his past crimes? Check it out... |
Ransomware
|
Wannacry
|
|
|
2021-10-22 19:31:06 |
Microsoft OneDrive Used for Ransom Operations (direct link) |
Microsoft was called out recently after it was discovered that hundreds of malware files commonly used to launch Conti ransomware attacks are being hosted from their OneDrive cloud storage service. The news highlights once again that Microsoft needs to invest significant time and resources just to get its own security house in order--and why they have no business trying to sell customers cybersecurity solutions to problems they created. |
Ransomware
Malware
|
|
|
|
2021-10-21 12:31:48 |
CISO Stories Podcast: NotPetya - 45 Minutes and 10,000 Servers Encrypted (direct link) |
Learn how to prepare and reduce the risk of the next ransomware event as Todd Inskeep, Founder at Incovate Solutions, walks us through the lessons learned after managing out of a NotPetya ransomware attack. Will you be ready? Don't miss this podcast for valuable insights from a real-life scenario - check it out... |
Ransomware
|
NotPetya
NotPetya
|
|
|
2021-10-20 14:05:27 |
Three Secrets to Ending Ransomware (direct link) |
Stopping ransomware isn't easy. If it were, there wouldn't be so many successful attacks out there. According to ThreatPost, there has been a 151% increase in ransomware attacks in the first half of this year compared to the first half of last year, with over 100 different strains in circulation. |
Ransomware
|
|
|
|
2021-10-20 12:39:41 |
Why All Telemetry is Essential for XDR Performance (direct link) |
Robust telemetry is essential to any threat detection and response strategy. Organizations need the ability to collect threat information from across their IT infrastructure so that they can see what's going on in their environments and correlate the intelligence across devices, personas, application suites, and the cloud so that it's actionable. |
Threat
|
|
|
|
2021-10-19 13:08:21 |
What is the Dark Web Ransomware Marketplace? (direct link) |
Editor's Note: Unlock the knowledge, resources and expert guidance you need to successfully prevent ransomware attacks from impacting your organization's operations with this complimentary Ransomware Toolkit...
The theme for Week 3 of Cybersecurity Awareness Month 2021 is “Explore. Experience. Share.” It's also Cybersecurity Career Awareness Week. The purpose of the theme is to highlight all the many contributions that people in cybersecurity roles can make to society through their work. |
Ransomware
|
|
|
|
2021-10-19 13:07:05 |
Cybereason CEO Lior Div Takes Featured Speaker Spot at CNBC Disruptor 50 Summit (direct link) |
Global spending on artificial intelligence (AI) systems has nearly tripled since 2019, and it's set to more than double again by the end of 2025, according to IDC. Now's your chance to hear from a pair of market disruptors driving the accelerated adoption of AI's many promising applications, from supercharging software development to stopping ransomware attacks. |
Ransomware
|
|
|
|
2021-10-18 11:52:07 |
Malicious Life Podcast: Operation GhostShell - An Iranian Espionage Campaign (direct link) |
In July 2021, Nocturnus - the Cybereason Threat Research and Intelligence team - was called to investigate an espionage campaign targeting Aerospace and Telecommunications companies globally. Their investigation resulted in the discovery of a new threat actor dubbed MalKamak that has been operating since at least 2018, and a new and sophisticated RAT (remote access trojan) dubbed ShellClient that abuses Dropbox for C2 (command and control). |
Threat
|
|
|
|
2021-10-15 00:42:11 |
Ransomware: The Global Cybersecurity Pandemic (direct link) |
I am sitting in Paris this week at the Les Asis conference, but my mind is also on Biden's ransomware summit as ransomware took center stage again this week. No, not because of a major ransomware attack shutting down critical infrastructure or grinding production to a halt. In fact, the opposite. President Biden continued to push the need for cybersecurity and a more effective response to the scourge of ransomware by convening a 2-day ransomware summit involving 30 countries around the world. |
Ransomware
|
|
|
|
2021-10-14 12:50:13 |
Microsoft's Failure to Prioritize Security Puts Everyone at Risk (direct link) |
It has been a very busy year when it comes to Microsoft zero-day attacks. According to KrebsOnSecurity, May is the only month in 2021 that Microsoft didn't release a patch to defend against at least one zero-day exploit. And Microsoft vulnerabilities are playing a bigger role in the spate of ransomware infections organizations are grappling with than most probably are aware of (more on that below). |
Ransomware
|
|
|
|
2021-10-14 12:40:21 |
CISO Stories Podcast: Security Awareness that Actually Works (direct link) |
October is Cybersecurity Awareness Month! Security Awareness programs must grab the employee's attention if they are to succeed - Steven Lentz joins the podcast to explain how he successfully engaged the workforce through creative and visible security awareness methods - check it out... |
|
|
|
|
2021-10-13 13:42:47 |
Cybereason Recognized in Debut XDR New Wave™ Report (direct link) |
As we enter Q4 of a hyper-growth year for XDR, Cybereason is in full gear: We're just getting started! We remain undefeated in protecting our customers from headline-stealing attacks like SolarWinds, the Microsoft Exchange Server attacks, and dangerous ransomware attacks from DarkSide, REvil and other adversaries. |
Ransomware
|
|
|
|
2021-10-13 12:06:42 |
What is the Importance of XDR in Cloud Security? (direct link) |
Organizations are increasingly turning to hybrid-cloud and multi-cloud strategies as ways of keeping up with their evolving business needs. A majority (92%) of organizations already had a multi-cloud strategy at the start of the year, according to Beta News, while 80% were working with hybrid cloud environments at that time. |
|
|
|
|
2021-10-13 09:00:00 |
Cybereason and Aon Partner to End Cyber Attacks (direct link) |
Cybereason is partnering with Aon, a leading global professional services firm, in an alliance to help protect clients from sophisticated cyber attacks. The Cybereason Defense Platform, together with Aon's Cyber Solutions, will enable clients to better prevent, detect and respond to cyber threats. |
Guideline
|
|
|
|
2021-10-12 12:00:20 |
Cybereason and Google Cloud Join Forces to Drive XDR Innovation (direct link) |
Cybersecurity defenders are under unprecedented pressure and attack from nearly every angle and every threat vector. To properly defend businesses, governments, hospitals, financial institutions and our critical infrastructure, security teams are accelerating their move to Extended Detection and Response (XDR).
Properly executing and implementing XDR involves cutting-edge innovation, the very latest in detection technology, and most importantly the ability to collect and analyze all event telemetry data at scale. |
Threat
|
|
|
|
2021-10-12 08:00:00 |
What is Ransomware-as-a-Service and How Does it Work? (direct link) |
Editor's Note: Unlock the knowledge, resources and expert guidance you need to successfully prevent ransomware attacks from impacting your organization's operations with this complimentary Ransomware Toolkit...
Recently, we introduced a blog series where we'll break down some key drivers of the ransomware threat landscape for Cybersecurity Awareness Month (formerly National Cybersecurity Awareness Month). We spent the first week analyzing Initial Access Brokers (IABs). For this week, let's focus on Ransomware-as-a-Service (RaaS).
|
Threat
Ransomware
|
|
|
|
2021-10-11 15:07:15 |
Malicious Life Podcast: Smart TVs - a New Security Battlefield (direct link) |
Smart Homes are slowly but surely becoming a part of our everyday lives, and so far it seems that Smart TVs - equipped with microphones, cameras, and an internet connection - are the weakest link. What are the current and potential threats against smart TVs - and is a person's smart home still their castle? Check it out... |
|
|
|
|
2021-10-08 23:35:47 |
Protecting the US Government from Cyber Attacks (direct link) |
The US government--along with private organizations regardless of size or industry--has been a prime target this year for cyber attacks and cyber espionage. As a dominant economic, political, and military force in the world, US federal agencies are under constant siege from both cybercriminals and nation-state adversaries. This week, we launched a new subsidiary--Cybereason Government, Inc.--to help them defend against these attacks. |
|
|
|
|
2021-10-07 12:52:51 |
CISO Stories Podcast: Extending Detection and Response to the Cloud (direct link) |
Kathy Wang, CISO at Very Good Security, discusses challenges in extending detection and response capabilities to cloud deployments while also ensuring correlations across traditional networks, endpoints, mobile, application suites and user identities. |
|
|
|
|
2021-10-06 09:59:21 |
Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms (direct link) |
In July 2021, the Cybereason Nocturnus and Incident Response Teams responded to Operation GhostShell, a highly-targeted cyber espionage campaign targeting the Aerospace and Telecommunications industries mainly in the Middle East, with additional victims in the U.S., Russia and Europe. |
|
|
|
|
2021-10-05 21:36:00 |
(Déjà vu) Webinar: The Future of Endpoint Security (direct link) |
As security threats continue to evolve, our approach to security must also evolve with them. Legacy signature-based antivirus solutions are no longer enough to prevent the highly targeted attacks of today, making traditional solutions an inadequate defense. |
|
|
|
|
2021-10-05 13:01:28 |
New Cybereason Government Subsidiary Empowers U.S. Agencies to Detect Malicious Operations Faster (direct link) |
Cybereason is excited to announce the creation of a U.S. Government subsidiary, Cybereason Government Inc., dedicated to prevention, detection and response to malicious operations targeting U.S. Government agencies.
Cybereason is committed to supporting government defenders by providing multi-layered protection for continuous monitoring, proactive threat hunting, automated containment and remediation, and immediate incident response capabilities. |
|
|
|
|
2021-10-05 11:50:20 |
How Do Initial Access Brokers Enable Ransomware Attacks? (direct link) |
Editor's Note: Unlock the knowledge, resources and expert guidance you need to successfully prevent ransomware attacks from impacting your organization's operations with this complimentary Ransomware Toolkit...
This October marks the 18th iteration of Cybersecurity Awareness Month, formerly called National Cybersecurity Awareness Month (NCSAM). Together with the National Cyber Security Alliance (NCSA), the U.S. Cybersecurity & Infrastructure Security Agency unveiled Do Your Part. #BeCyberSmart as this year's theme. They also named “Be Cyber Smart” as the focus for the week of October 4 (Cybersecurity Awareness Month Week 1). |
Ransomware
|
|
|
|
2021-10-04 11:59:49 |
Running Robust Managed Detection and Response Services (direct link) |
Information security practitioners have published a lot of articles around topics like how to build and run a security operations center (SOC) and specific SOC functions such as incident response and threat hunting. These topics are always important, as threat actors are constantly coming up with more sophisticated attack strategies and vectors. |
Threat
|
|
|
|
2021-10-04 11:57:27 |
Malicious Life Podcast: Inside the MITRE ATT&CK Framework (direct link) |
In some ways, cybersecurity is like art, but that's not a good thing… The MITRE ATT&CK framework aims to make sense of the collective knowledge of the security community and share that knowledge so that cyber defense becomes less an art form and more about using the correct tools and techniques. |
|
|
|
|
2021-10-01 14:36:19 |
If You Prevent Ransomware You Don't Need to Recover from It (direct link) |
I started Cybereason to help defenders protect their networks and data against attacks--to use what I know about how cybercriminals think and how adversaries work to give defenders an advantage against all threats. Right now, one of the most pervasive threats is ransomware, and I am proud to say that we remain undefeated against ransomware attacks. |
Ransomware
|
|
|
|
2021-09-30 13:58:50 |
CISO Stories Podcast: Security from Scratch - Incident Response on a Budget (direct link) |
Every organization must be able to respond to an attack quickly. Sam Monasteri joins the podcast to discuss key steps to implement in an incident response plan without breaking the bank by simplifying incident response to the 3 'P's - check it out... |
|
|
|
|
2021-09-30 13:09:34 |
Govware Conference: Cybereason CEO Lior Div to Deliver Keynote (direct link) |
Cybereason is pleased to share that our CEO and co-founder Lior Div will be a keynote speaker at the Govware Conference in Singapore on Wednesday, October 6, 9:30 am, SST. His talk will focus on the rise in cyber attacks against global telecommunications companies. Sam Curry, the company's CSO, will also be speaking on Thursday, October 7, 1:05 pm SST, offering practical advice and recommendations for future proofing a business. |
|
|
|
|
2021-09-29 12:55:19 |
How Does XDR Solve the IT Infrastructure Visibility Gap? (direct link) |
Network visibility is a persistent problem for organizations. Back in 2019, Business Wire shared the results of a survey in which 65% of respondents said that a lack of visibility into their organizations' IT security infrastructure was the top obstacle to the success of their Security Operations Center (SOC). Approximately the same proportion (69%) named a lack of visibility as the top reason behind their SOC's ineffectiveness.
|
|
|
|
|
2021-09-28 12:40:35 |
Ransomware Prevention vs. Recovery: Which Costs Businesses More? (direct link) |
It probably comes as no surprise that ransomware attacks are more prolific now than they were several years ago. A 2021 survey found that ransomware attacks increased 62% over the preceding two years, as reported by Security Magazine, with North America registering a surge of 158% during that same period. |
Ransomware
|
|
|
|
2021-09-27 17:05:50 |
(Déjà vu) Threat Analysis Report: Inside the Destructive PYSA Ransomware (direct link) |
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Threat
Ransomware
|
|
|
|
2021-09-27 12:03:13 |
Malicious Life Podcast: Should the U.S. Ban Chinese and Russian Technology? (direct link) |
Every year, seemingly, there's a new story of some software like 'Tik Tok' or 'FaceApp' from a hostile country that may or may not be a security threat to us in the West. So what should be done in cases like this? What if the U.S. just banned all technology from Russia and China? Is it a good idea? Is it even possible? Ira Winkler joins the discussion - check it out... |
Threat
|
|
|
|
2021-09-27 09:30:00 |
Video: The CIO's Role in Establishing a Cyber Resilience Strategy (direct link) |
Oracle CIO Jae Evans recently hosted a special edition of CIO Exchange featuring an array of internationally acclaimed speakers who shared their insights on the latest trends in global and internal cyber threats and the strategies required for prevention, detection and response. |
|
|
|
|
2021-09-24 12:33:29 |
1,460-Day Old Known Vulnerability Catches Microsoft Off Guard (direct link) |
Vulnerabilities are a fact of life. I started my career in cybersecurity finding and exploiting those vulnerabilities to conduct nation-state offensive operations. I understand the simple reality that there is no such thing as perfect code, and that even the most secure application can be compromised given enough time. But that is not an excuse for writing bad code or failing to address known issues. |
Vulnerability
|
|
|