Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-12-13 13:08:24 |
Malicious Life Podcast: Ransomware Attackers Don\'t Take Holidays (lien direct) |
In November of 2021, Cybereason released a special report, titled Organizations at Risk: Ransomware Attackers Don't Take Holidays, focusing on the threat of ransomware attacks during weekends and holidays. Nate Nelson, our senior producer, talked with Ken Westin, Director of Security Strategy at Cybereason, about why attackers love holidays and weekends, and why ransomware attacks during these times are so effective and dangerous - check it out... |
Threat
Ransomware
|
|
|
|
2021-12-10 23:55:00 |
Cybereason Releases Vaccine to Prevent Exploitation of Apache Log4Shell Vulnerability (CVE-2021-44228) (lien direct) |
Cybereason researchers have developed and release a “vaccine” for the Apache Log4Shell vulnerability (CVE-2021-44228). The vaccine is now freely available on GitHub. It is a relatively simple fix that requires only basic Java skills to implement and is freely available to any organization. Cybereason previously announced that none of the company's products or services were impacted by the vulnerability. |
Vulnerability
|
|
|
|
2021-12-10 21:08:07 |
Cybereason Solutions Are Not Impacted by Apache Log4j Vulnerability (CVE-2021-44228) (lien direct) |
A newly revealed vulnerability impacting Apache Log4j 2 versions 2.0 to 2.14.1 was disclosed on the project's GitHub on December 9, 2021, and designated as CVE-2021-44228 with the highest severity rating of 10. |
Vulnerability
|
|
★★
|
|
2021-12-10 16:13:20 |
Cybereason Extends Feature Support for Linux (lien direct) |
Cybereason this week announced support for Endpoint Controls and pre-execution and at rest NGAV protection for Linux. |
|
|
|
|
2021-12-10 02:00:00 |
(Déjà vu) Webinar January 11th 2022: Live Attack Simulation - Ransomware Threat Hunte (lien direct) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Threat
Ransomware
|
|
|
|
2021-12-09 20:10:19 |
(Déjà vu) THREAT ALERT: The Return of Emotet (lien direct) |
The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them. |
Threat
|
|
|
|
2021-12-09 13:44:22 |
CISO Stories Podcast: No Senior Management Buy-In - No Success (lien direct) |
Are you reporting the same risks each year to management? This may be indicative of a lack of incentive or buy-in from senior management to fund security investments. Chris Apgar, CEO and President at Apgar & Associates, joins the podcast to discuss how to show senior management that funding these initiatives is more than just risk avoidance - check it out... |
|
|
|
|
2021-12-09 04:02:00 |
Cybereason Taps Former Dyson CISO CK Chim as Field CSO to Support APAC Expansion (lien direct) |
Cybereason today announced CK Chim, Chim was most recently Dyson's Chief Information Security Officer (CISO), has joined the company as Field Chief Security Officer for the Asia Pacific region, bringing more than 20 years of industry experience to the team. |
|
|
|
|
2021-12-08 13:12:59 |
Leveraging the XDR Advantage in the Midst of a Pandemic (lien direct) |
The pandemic has changed organizations' technology priorities profoundly over the last two years. In a study reported on by Business Wire, cybersecurity and hybrid working constituted the top enterprise technology priorities looking ahead to 2022, at 58% and 55% of organizations, respectively. |
|
|
|
|
2021-12-07 13:12:31 |
Ransomware by the Numbers – An Impact Overview (lien direct) |
The number of global ransomware attacks is on the rise. According to Threatpost, the global volume of ransomware operations reached 304.7 million attacks in H1 2021. That's a year-over-year increase of 151%. What's more, that's 100k+ more attack attempts than what security researchers detected in all of 2020. |
Ransomware
|
|
|
|
2021-12-06 16:46:14 |
Under the Hood: What Artificial Intelligence on the Endpoint Looks Like (lien direct) |
In light of a recent Cybereason research report, Organizations at Risk: Ransomware Attackers Don't Take Holidays, regarding the prevalence of ransomware attacks that occur during off-hours, it's imperative that we look towards robust AI security solutions, such that you can know your organization is protected even when none of your staff is online. |
Ransomware
|
|
|
|
2021-12-06 13:01:12 |
Malicious Life Podcast: Tay: A Teenage Bot Gone Rogue (lien direct) |
In March, 2016, Microsoft had something exciting to tell the world: the tech giant unveiled an AI chatbot with the personality of a teenager. Microsoft Tay, as it was nicknamed, could tweet, answer questions and even make its own memes. But within mere hours of going live, Tay began outputting racist, anti-Semitic and misogynist tweets - check it out... |
|
|
|
|
2021-12-03 19:01:52 |
Cl0p Ransomware Gang Tries to Topple the House of Cards (lien direct) |
When I wrote the introduction for our recent report Organizations at Risk: Ransomware Attackers Don't Take Holidays, I described current factors and trends with the potential to disrupt the upcoming holiday season. |
Ransomware
|
|
|
|
2021-12-02 16:07:45 |
Planned Parenthood Ransomware Attack Has Far Reaching Implications (lien direct) |
The Planned Parenthood Los Angeles affiliate announced that their computer network was hit by a ransomware attack. The compromise occurred between October 9 and 17 and affected around 400,000 patients' data. |
Ransomware
|
|
|
|
2021-12-02 15:42:07 |
Planned Parenthood Ransomware Attack Puts Lives at Risk (lien direct) |
The Planned Parenthood branch in Los Angeles revealed that it was the victim of a ransomware attack that resulted in attackers obtaining sensitive information on about 400,000 patients. All ransomware attacks and data breaches are bad, but this one is particularly egregious because the sensitive nature of the compromised information could destroy families or possibly put lives in danger. |
Ransomware
|
|
|
|
2021-12-02 13:16:25 |
CISO Stories Podcast: Skills I Needed to be a First-Time CISO (lien direct) |
Infosec skills don't necessarily transfer to CISO skills, but CISO skills are 100% transferable to whatever your infosec career looks like. Richard Kaufmann VP/CISO at Amedisys discusses how growth begins outside of your comfort zone and why some of the CISO skills you can work on now include executive storytelling, internal coalition building, and how to be comfortable being uncomfortable - check it out... |
|
|
|
|
2021-12-02 01:01:00 |
Cybereason Partners with SiS International to Protect Joint Customers in Hong Kong (lien direct) |
Cybereason and SiS International Limited, a leading IT distributor in Hong Kong, are partnering to protect enterprises in Hong Kong from today's sophisticated cyberattacks. |
Guideline
|
|
|
|
2021-12-01 15:04:34 |
Join Us for DefenderCon 2021! (lien direct) |
Mark your calendar for December 14 as Cybereason will be hosting DefenderCon'21 – a virtual conference celebrating our global cybersecurity community. Defenders from around the world will come together to hear from industry leaders and cybersecurity visionaries and learn what's on the horizon in our mission together to reverse the adversary advantage and end cyber attacks from endpoints to everywhere. |
Guideline
|
|
|
|
2021-12-01 14:02:43 |
Ransomware Underscores Need for Layered, Predictive Defenses (lien direct) |
A congressional investigation into the ransomware attacks that targeted CNA Financial Corp., Colonial Pipeline Co., and JBS Foods USA found that in all three cases the attackers exploited “small failures” in the security postures of the companies. |
Ransomware
|
|
|
|
2021-12-01 13:33:32 |
AI/ML Powered Automation: The Future of Cybersecurity at Scale (lien direct) |
Cybersecurity professionals are simply not able to keep up with the growing flood of enterprise security alerts. A 2020 survey determined that the volume of security alerts had increased as much as 50% for four out of five SOC analysts over the preceding year, as reported by ITSecurityWire. |
|
|
|
|
2021-11-30 13:45:43 |
Cybereason v21.1 LTS: Advancing Prevention, Detection and Response (lien direct) |
This month Cybereason has released our next long-term support version, 21.1 LTS, that brings additional functionalities that drastically improve how defenders can predictively prevent, detect and respond to known and emerging threats. |
|
|
|
|
2021-11-30 13:40:01 |
A Brief History of Ransomware Evolution (lien direct) |
Wondering where the scourge of ransomware attacks currently stands? In a recent report titled Ransomware: The True Cost to Business, we noted that ransomware attacks occur about every 11 seconds. That rate translates into about 3 million ransomware attacks over a year. |
Ransomware
|
|
|
|
2021-11-29 12:55:53 |
Malicious Life Podcast: Wild West Hackin\' Fest (lien direct) |
The Wild West Hackin' Fest is a unique security conference - not only because it's held in South Dakota, and not only because of the Wild West visual vibe - but also because of the emphasis it puts on diversity and lowering the entry barriers for people who wish to join the world of information security. We talked at length with John Strand, one of the conference's founders - check it out... |
|
|
|
|
2021-11-29 06:00:00 |
Webinar December 1st: Ransomware Attackers Don\'t Take Holidays (lien direct) |
Cybereason recently released a research report, titled Organizations at Risk: Ransomware Attackers Don't Take Holidays, that focuses on the threat that ransomware attacks during the weekends and holidays pose to organizations as we move into the holiday season. The global survey includes responses from 1,200+ security professionals at organizations that have previously suffered a successful ransomware attack. |
Threat
Ransomware
|
|
|
|
2021-11-24 14:40:41 |
CISO Stories Podcast: Which Approach Wins - Compliance or Risk? (lien direct) |
Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security? LBMC's Mark Burnette joins the podcast as the differences between compliance and true security are discussed - check it out... |
|
|
|
|
2021-11-23 13:29:20 |
Which Data Do Ransomware Attackers Target for Double Extortion? (lien direct) |
Double extortion is one of the most prevalent ransomware tactics today. The attackers first exfiltrate sensitive information from their target before launching the ransomware encryption routine. The threat actor then demands a ransom payment in order to regain access to the encrypted assets along with an additional threat to publicly expose or otherwise release the data if the ransom demand is not met promptly. |
Threat
Ransomware
|
|
|
|
2021-11-22 13:34:10 |
Malicious Life Podcast: Inside Operation Flyhook Part 2 (lien direct) |
To capture Alexey Ivanov and his business partner and bring them to justice, the FBI created an elaborate ruse: a fake company named Invita, complete with a fake website and a fake office building. Ray Pompon, a security professional, was brought in as an 'evil security consultant' to convince Alexey to demonstrate his hacking skills on a pre-arranged honeypot - check it out... |
|
|
|
|
2021-11-19 19:34:07 |
Dear Defenders, (lien direct) |
The changing of the leaves and the brisk fall mornings around Boston are a sign that 2021 is nearing its end. It's a time that I like to reflect on the year gone by and think about the potential for the new year. |
|
|
|
|
2021-11-18 12:06:57 |
CISO Stories Podcast: Who is Your SOC Really For? (lien direct) |
Managing the volume of security events and continuous threat intelligence can be daunting for the largest of organizations. How do you increase the effectiveness of a Security Operations Center (SOC) and share this information across the organization for greater efficiency and adoption? Ricardo Lafosse, CISO at Kraft Heinz, explains - check it out... |
Threat
|
|
|
|
2021-11-17 05:03:00 |
Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays (lien direct) |
In June of 2021, Cybereason published a global research report, titled Ransomware: The True Cost to Business, which revealed that the vast majority of organizations that have suffered a ransomware attack experienced significant impact to the business as a result. The consequences included loss of revenue, damage to the organization's brand, unplanned workforce reductions, and disruption of business operations. |
Ransomware
|
|
|
|
2021-11-17 05:02:00 |
Predictive Ransomware Protection: The Key to Ending a Global Crisis (lien direct) |
Successful ransomware attacks take time. They involve gaining a foothold in the enterprise, conducting reconnaissance, escalating privileges, and then locating and exfiltrating your organization's most sensitive data. The entire process, up until the point that the attackers encrypt your data, could take weeks or months. |
Ransomware
|
|
|
|
2021-11-17 05:01:00 |
Cybereason Partners with Moviri to Deliver Operation-Centric Security (lien direct) |
Cybereason is joining forces with Moviri, the leading Italian technology consulting and software group specializing in analytics, IoT and cybersecurity solutions to deliver operation-centric security to joint customers. |
Guideline
|
|
|
|
2021-11-16 14:28:03 |
RansomOps: Detecting Complex Ransomware Operations (lien direct) |
In a recent blog post we discussed how today's more complex RansomOps attacks are more akin to stealthy APT-like operations than the old “spray and pray” mass email spam campaign of old, and how there are multiple players from the larger Ransomware Economy at work, each with their own specializations. |
Ransomware
Spam
|
|
|
|
2021-11-15 14:45:26 |
Malicious Life Podcast: Inside IP/BGP Hijacking (lien direct) |
In 2016, for six straight months, communications between Canadian and Korean government networks were hijacked by China Telecom and routed through China. In 2017, traffic from Sweden and Norway to a large American news organization in Japan was hijacked to China for about 6 weeks. |
|
|
|
|
2021-11-12 12:52:05 |
Ransomware Whack-a-Mole (lien direct) |
Pretty much everyone is familiar with the carnival game Whack-a-Mole. No matter how many moles you bash with the mallet, it seems like two more pop up in its place. It's commonly used to describe cybersecurity and the ransomware news this week illustrates why Whack-a-Mole is an appropriate metaphor. |
Ransomware
|
|
|
|
2021-11-12 06:00:00 |
Cybereason and Nuspire Partner to Empower Organizations to Stop Cyber Attacks (lien direct) |
Earlier this year, the Cybereason Managed Detection and Response (MDR) service offering was named a Strong Performer in the Forrester Wave™: Managed Detection and Response, Q1 2021 report. |
|
|
|
|
2021-11-11 14:12:40 |
CISO Stories Podcast: Do You Know Where Your Data Is? (lien direct) |
Today, data is everywhere as users are working remotely, storing information in the cloud, downloading to and from USB drives, and so on. William Miaoulis, CISO at Auburn University, joins the podcast to discuss some of the typical situations that lead to the exposure of sensitive information and how to prevent them - check it out... |
Guideline
|
|
|
|
2021-11-10 14:02:00 |
Why XDR is a \'Must Have\' for Organizations of Every Size (lien direct) |
According to Grand View Research, the global Extended Detection and Response (XDR) market is expected to reach $2.06 billion by 2028 after climbing at a CAGR of 19.9% over seven years. This forecast is predicated on market optimism that XDR will enable organizations to navigate a growing number of integrations between new and existing security solutions, as well as the notion that security teams can use XDR to increase their visibility across disparate but critical assets to detect and arrest attacks earlier. |
|
|
|
|
2021-11-10 14:01:00 |
Cybereason Earns Gold OPSWAT Access Control Certification (lien direct) |
Cybereason has earned the coveted Gold-level OPSWAT Certified Security Applications verification for the Cybereason Sensors ActiveProbe 21.X for Windows, Mac and Linux endpoints. The OPSWAT Access Control Certification Program is the industry standard for the interoperability of endpoint security software--a key factor in ensuring a consistent user experience. |
|
|
|
|
2021-11-09 18:46:51 |
(Déjà vu) THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware (lien direct) |
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Threat
Ransomware
|
|
|
|
2021-11-09 13:50:36 |
The Ransom Disclosure Act and Defending Against Complex RansomOps (lien direct) |
On October 5, U.S. Senator Elizabeth Warren (D-Mass.) introduced the Ransom Disclosure Act. She framed it as something that could help the U.S. government learn more about how ransomware operations work. |
Ransomware
|
|
|
|
2021-11-08 22:43:45 |
When Your EDR Vendor Attacks! (lien direct) |
Florian Roth, Head of Research at Nextron Systems in Germany, received a series of alerts on Nov. 6 that had all the telltale signs of a potentially serious security breach. |
|
|
|
|
2021-11-08 21:46:59 |
Zero Trust Race is On: Do You Have the Right Engine? (lien direct) |
The shift to a Zero Trust security model has become a top priority for many organizations, driven by record levels of ransomware attacks and a rapidly expanding attack surface stemming from the move to remote work and accelerated cloud adoption. |
Ransomware
|
|
|
|
2021-11-08 17:04:14 |
The CISA Directive Is Crucial for Cybersecurity (lien direct) |
As the CEO of a cybersecurity company, it's important to stay informed--to know about breaking news, emerging threats, and rising trends to provide direction for the company and protection for our customers. One story that stood out to me last week was the news that CISA issued a new directive to federal agencies. The mandate establishes an aggressive timeline for federal agencies to address known vulnerabilities in their environments. More importantly, though, the guidance will change how government agencies deal with cybersecurity moving forward and improve our ability to defend against attacks. |
|
|
|
|
2021-11-08 13:47:47 |
Malicious Life Podcast: Inside Operation Flyhook Part 1 (lien direct) |
Alexey Ivanov was exactly the kind of person to benefit from the early-2000's dot-com boom: he was bright, talented and really knew his stuff. His only problem was the fact that he was born in Chelyabinsk, a sleepy Russian town in the middle of nowhere. When he sent his résumé to American companies, nobody was willing to bet on him. |
|
|
|
|
2021-11-04 14:03:12 |
Cybereason Recognized in The Herd 100 Top Emerging Privately Held U.S. Technology Companies (lien direct) |
Cybereason has been honored by recognition in The Herd 100, D.A. Davidson's ranking of the Top 100 private technology companies. The Cybereason operation-centric security approach enables defenders to outthink and outpace sophisticated cyber threats from nation-state attackers and cybercriminal groups. |
|
|
|
|
2021-11-04 13:00:55 |
CISO Stories Podcast: The Nexus of Security, Privacy and Trust (lien direct) |
Allison Miller, CISO at Reddit, discusses the challenges across stakeholders from end-users to service providers in addressing the nexus of Security, Privacy and Trust - should they be equally weighted? In what circumstances does the need for one outweigh the need for the others? What does the future hold for our efforts to find the right balance between them? Check it out... |
|
|
|
|
2021-11-03 20:34:19 |
Webinar November 18th: Anatomy of a Ransomware Attack (lien direct) |
Join Cybereason CEO and co-founder Lior Div and CSO Sam Curry as they break down the anatomy of a ransomware attack. Learn how Cybereason enables defenders to protect themselves and orchestrate the best ransomware defenses. |
Ransomware
|
|
|
|
2021-11-03 13:00:27 |
Actionable XDR Telemetry vs. Uncorrelated SIEM Alerts (lien direct) |
As a class of security tools, Security Information and Event Management (SIEM) finds itself in a curious position. On the one hand, the global SIEM market is expected to continue growing over the next few years.
PRNewswire reported that the market is expected to reach $6.4 billion by 2027. Such growth implies a CAGR of 6.8% over the next six years. It also means that continuous monitoring, incident response, regulatory compliance, and log management will remain priorities for organizations during that period. |
|
|
|
|
2021-11-03 00:00:00 |
Cybereason and Tech Data Partner to End Cyberattacks in Asia Pacific Region (lien direct) |
Cybereason is joining forces with Tech Data, a TD SYNNEX company and a leading global distributor of IT solutions, to protect enterprises across Asia Pacific from sophisticated cyberattacks. |
Guideline
|
|
|