Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-03-08 14:46:56 |
The Impact of Ransomware in the Healthcare Sector (direct link) |
How many ransomware attacks did the Healthcare sector suffer in 2021? In a recent survey of healthcare organizations, 34% of respondents indicated they had suffered a ransomware attack in 2021. The healthcare sector thereby fared better than the global average of 37% for all industries combined. It also came in under retail and education, sectors where 44% of respondents revealed that they had weathered an infection. |
Ransomware
|
|
|
|
2022-03-08 13:00:00 |
Cybereason Taps Security Industry Veteran Greg Day as Global Field CISO (direct link) |
Cybereason continues its exponential growth and expansion of the team by welcoming Greg Day to the company as Vice President and Global Field Chief Information Security Officer (CISO) for the EMEA region. |
|
|
|
|
2022-03-07 19:07:32 |
DFIR Demystified: Understanding Digital Forensics Incident Response (direct link) |
The modern security toolkit is varied by necessity, with different tools required to effectively perform different tasks. As part of a successful defense-in-depth strategy, often deep-dive analysis is needed to fully understand and respond to serious events and data breaches.
While not needed for every event and every investigation, Digital Forensics and Incident Response (DFIR) is absolutely essential for InfoSec teams dealing with sophisticated cyber adversaries. |
|
|
|
|
2022-03-07 16:57:52 |
(Déjà vu) THREAT ALERT: Emotet Targeting Japanese Organizations (direct link) |
The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them. |
Threat
|
|
|
|
2022-03-07 13:51:33 |
Malicious Life Podcast: Quantum Cybersecurity (direct link) |
Quantum Computing is a fascinating and revolutionary technology that has been gaining significant ground in the past decade, with researchers from both academia and the commercial sector - such as Google and IBM - announcing major breakthroughs every few weeks. Mike Redding, CTO of Quantropi, a company specializing in Quantum Encryption - claims that this revolution is even closer than most of us think - check it out… |
|
|
|
|
2022-03-03 19:07:38 |
Cybereason vs. HermeticWiper and IsaacWiper (direct link) |
Ukraine has been attacked by several new data wipers as the cyberwar that started in 2013 enters a new round. For the last couple of months, there has been a wave of cyberattacks targeting Ukrainian interests involving website defacements and DDoS attacks. |
|
|
|
|
2022-03-03 13:00:00 |
Cybereason and MITRE Engenuity Center for Threat-Informed Defense Launch the Attack Flow Project (direct link) |
Cybereason is pleased to announce the launch of the Attack Flow Project in collaboration with the Center for Threat-Informed Defense, a joint effort aimed at developing a common data format for describing sequences of adversary behavior to improve defensive capabilities. |
|
|
|
|
2022-03-03 09:00:00 |
CISO Stories Podcast: Richard Clarke - Getting the Board on Board with Security (direct link) |
Richard Clarke spent several decades serving Presidents of both parties and understands what is necessary to implement effective security programs. Join us as he provides pragmatic tips for working with the Board of Directors to effectively communicate the investment need and articulate the benefits in terms the Board can support - check it out... |
|
|
|
|
2022-03-02 14:04:00 |
XDR is Here: How and Why to Get Started (direct link) |
The Extended Detection and Response (XDR) market is expected to increase over the next few years. Grand View Research wrote that the global XDR market will grow at a CAGR of 19.9% between 2021 and 2028. This surge will bring the market's value up to $2.06 billion by that time. |
|
|
|
|
2022-03-01 13:37:07 |
Cybereason vs. BlackCat Ransomware (direct link) |
Since its first emergence in November 2021, the Cybereason Nocturnus team has been tracking the BlackCat Ransomware (aka ALPHV), which has been called “2021's most sophisticated ransomware”. |
Ransomware
|
|
|
|
2022-03-01 13:31:11 |
What's Next in the Evolution of Complex RansomOps? (direct link) |
Ransomware gangs introduced lots of new tricks in 2021. Some attack groups went beyond double extortion to impose even more pressure on their victims. With triple extortion, attackers began offering to sell victims' data to competitors or investors unless they paid the ransom. |
|
|
|
|
2022-02-28 17:36:42 |
CEO Blog Series: Ukraine Conflict Confirms Russian Cybercrime Connection (direct link) |
I am watching the ongoing tragedy in Ukraine with the rest of the world. It is heartbreaking and my thoughts are with the people of Ukraine. I had hoped that diplomatic efforts would work and that Putin would pull his troops back, but I would be lying if I said I was completely surprised that Russia launched a full-scale invasion of Ukraine. Aside from displaying Putin's imperialist aspirations, this conflict has also revealed the extent to which Russia has integrated cyber into its military strategy and how much control Russia has over allegedly “independent” cybercrime gangs. |
|
|
|
|
2022-02-28 13:01:15 |
Malicious Life Podcast: Crypto AG Part 2 - The Death of Bo Jr. (direct link) |
How did Boris Hagelin succeed in selling compromised cipher machines to half the world over more than 50 years? Some have speculated that it was some kind of backdoor - but no, it was more clever than that. And Bo Jr., Hagelin's son, who became an important part of his father's company, did not approve of the secret deal with the NSA - check it out… |
|
|
|
|
2022-02-24 14:18:16 |
How Black History Icon Bessie Coleman Exemplifies Our Core Values (direct link) |
At Cybereason, we know that building a truly inclusive workplace means ensuring a deeply ingrained and reinforced culture that makes each Defender feel respected, appreciated and encouraged in their work. |
|
|
|
|
2022-02-24 14:00:04 |
Two Things Every Zero Trust Initiative Must Have (direct link) |
Although every organization's journey to achieving Zero Trust will be different, there are two factors that will determine your ability to maintain a system of trust by verification on a continuous basis: Data and speed. |
|
|
|
|
2022-02-24 13:51:14 |
CISO Stories Podcast: Understanding and Preparing for the Next Log4j (direct link) |
The issues created by the recently disclosed Log4j vulnerability are bigger than you might expect and will have long-lasting implications. So, what was the Log4j vulnerability really, what can be done to reduce the risk it poses to organizations, and how can we better prepare for the next Log4j-level event? Benny Lakunishok, co-founder and CEO of Zero Networks, takes us deeper - check it out... |
Vulnerability
|
|
|
|
2022-02-23 14:22:00 |
Why Telemetry Correlations are Essential to XDR (direct link) |
Most organizations will be directing some of their security budget to incorporate an Extended Detection and Response (XDR) solution in 2022. As reported by TechTarget, 70% of organizations intend to allocate budget spend for XDR in this period, and it's not difficult to understand why. |
|
|
|
|
2022-02-22 14:00:45 |
Three Questions to Ask about Ransomware Preparedness (direct link) |
Ransomware operations, or RansomOps™, have evolved dramatically over the last few years, growing from a small subset of mostly nuisance attacks to a mature business model specialization and an increasing pace of innovation and technical sophistication. |
Ransomware
|
|
|
|
2022-02-22 13:56:36 |
Malicious Life Podcast: Why Do APTs Use Ransomware? (direct link) |
Complex cybercrime attacks are increasingly showing more overlap with nation-state sponsored attacks, with some cybercriminal groups adopting more sophisticated TTPs and attack progressions, and some APTs adopting ransomware payloads to distract, disrupt and destroy targeted systems. |
Ransomware
|
|
|
|
2022-02-22 08:00:00 |
Everything Cybereason at Cybertech Tel Aviv 2022! (direct link) |
Cybereason is going to be at Cybertech 2022 March 1-3 in Tel Aviv. Cybertech is the cyber ecosystem's foremost networking platform, conducting industry-related events all around the globe. |
|
|
|
|
2022-02-18 20:13:33 |
Shields Up: Is Your Ransomware Protection What It Should Be? (direct link) |
The recent 'Shields Up' initiative from the Cybersecurity and Infrastructure Security Agency (CISA), an effort to warn businesses and critical infrastructure operators to prepare for cyberattacks coinciding with the imminent Russian invasion of Ukraine, may have one critical weak spot: ransomware protection. |
Ransomware
|
|
|
|
2022-02-18 16:53:18 |
Webinar March 15th: CISO Roundtable - Top CISO Priorities for 2022 (direct link) |
For security leaders, it can be hard to catch a break when faced with the increasingly challenging task of defending their organizations from evolving threats while simultaneously fighting the battle of the budget in an effort to do more with less. |
Guideline
|
|
|
|
2022-02-17 14:52:55 |
Cybereason Named to 10 Hottest XDR Companies to Watch List for 2022 (direct link) |
Cybereason is stoked to be named as one of the 10 Hottest XDR Security Companies to Watch in 2022 by CRN. This news comes on the heels of Cybereason launching Cybereason XDR powered by Google Cloud, the industry's first true XDR platform. |
|
|
|
|
2022-02-17 13:53:55 |
CISO Stories Podcast: A Cost-Effective Approach to Security Risk Management (direct link) |
Risk management is arguably one of the most important functions of the CISO. So, how does the CISO establish the value proposition for an investment? Jack Jones, Chief Risk Scientist at RiskLens, discusses using a well-tested risk framework to evaluate and compare the current state of loss exposure and the expected reduction from applying a set of alternative controls - check it out... |
|
|
|
|
2022-02-17 08:00:00 |
Webinar March 10th 2022: Live Attack Simulation - XDR vs. No-Macro RansomOps (direct link) |
Throughout history, sometimes truth ends up being even stranger than fiction. Today's parade of multi-million dollar ransomware payout headlines is no exception: cybercriminals and ransomware gangs are outgunning prevention tech and response strategies. Attackers are operationalizing exploits at a record rate, targeting more organizations and are operating to reduce dwell time. |
Ransomware
|
|
|
|
2022-02-16 14:10:02 |
Securing Critical Infrastructure with XDR (direct link) |
In January, CISA, the FBI and the NSA released a joint Cybersecurity Advisory (CSA), titled Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure, that provided an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques and procedures (TTPs), as well as detection actions, incident response guidance, and recommended mitigations.
"Russian state-sponsored APT actors have used sophisticated cyber capabilities to target a variety of U.S. and international critical infrastructure organizations, including those in the Defense Industrial Base as well as the Healthcare and Public Health, Energy, Telecommunications, and Government Facilities Sectors," the advisory states.
"Russian state-sponsored cyber operations against critical infrastructure organizations have specifically targeted operational technology (OT)/industrial control systems (ICS) networks with destructive malware... CISA, the FBI, and NSA encourage the cybersecurity community - especially critical infrastructure network defenders - to adopt a heightened state of awareness and to conduct proactive threat hunting."
While critical infrastructure defense has always been a high-priority objective, there's still some disconnect in the world of critical infrastructure security around preparedness. According to a report covered by PRNewswire, a majority (84%) of critical infrastructure organizations indicated they had suffered at least one security breach involving their Operational Technology (OT) between 2018 and 2021; yet, 56% of respondents to the same study said they were “highly confident” that they wouldn't experience an OT breach in 2022. |
Threat
|
|
|
|
2022-02-15 22:11:13 |
Addressing the Risk from Cyberattacks in the Russia-Ukraine Conflict (direct link) |
The situation in Ukraine continues to fluctuate, and U.S. intelligence sources are advising that Russia is preparing for an imminent invasion. Cyberattacks have already been observed in the conflict, and I expect diversions, distractions, and false flags as tensions escalate. There is also the potential risk of other threat actors being opportunistic under the cover of Russian aggression. |
Threat
|
|
|
|
2022-02-15 18:58:52 |
Cybereason vs. WhisperGate Wiper (direct link) |
As geopolitical tensions are escalating between Russia and Ukraine, the cyberwar that has been going on since 2013 recently had another round of escalation. For the last couple of months, there has been a wave of cyberattacks targeting Ukrainian interests involving website defacements and DDoS attacks. |
|
|
|
|
2022-02-15 13:18:00 |
How to Prevent Ransomware Attacks at the Earliest Stages (direct link) |
Ransomware attacks are one of the most challenging threats organizations face today. At the same time, it is difficult, if not impossible, for private-sector Defenders to draw a clear distinction between attacks supporting nation-state geopolitical interests and a good deal of the more complex ransomware attacks we see today. |
Ransomware
|
|
|
|
2022-02-14 22:19:51 |
Cybereason Partners with EGUARDIAN to Defend Organizations Against Complex Cyberattacks (direct link) |
Cybereason, the XDR company, today announced we have joined forces with EGUARDIAN, a leading Value-Added Distributor and a technology provider in the Asia Pacific (APAC) region. The partnership will offer enhanced protection from complex cyberattacks to enterprises in Sri Lanka. Cybereason is the newest addition to EGUARDIAN's expanding portfolio of leading and innovative technology brands. |
Guideline
|
|
|
|
2022-02-14 12:55:55 |
Malicious Life Podcast: Crypto AG - The Greatest Espionage Operation Ever Part 1 (direct link) |
General McArthur, Egypt's Anwar Sadat, and Iran's Ayatollah Khomeini: these are just a few of the dozens (likely hundreds) of targets in arguably the biggest, most ambitious hacking operation ever. A secret mission that lasted nearly a century, and influenced the course of so many of the most important events of history. Uncover the history you thought you knew - check it out… |
|
|
|
|
2022-02-10 11:00:00 |
(Déjà vu) THREAT ANALYSIS REPORT: All Paths Lead to Cobalt Strike - IcedID, Emotet and QBot (direct link) |
The Cybereason Global Security Operations Center Team (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Threat
Guideline
|
|
|
|
2022-02-10 10:45:00 |
Cybereason Executives Abigail Maines and Stephan Tallent Named 2022 CRN Channel Chiefs (direct link) |
Over the past year, Cybereason has grown our team by about 1000 people and expanded our Partner organization roster tremendously. We are fortunate to have some of the brightest and best from across the security field working diligently to support our Defenders in the field and help our valued Partners grow their business. |
|
|
|
|
2022-02-10 10:00:00 |
CISO Stories Podcast: Creating Security Budget Where There is No Budget (direct link) |
Over the years, security departments acquire tool after tool, sometimes integrated, and many times under-utilized. Kevin Richards, President at Secure Systems Innovation, walks through a very creative method for getting the budget you need, and explains how to leverage the current environment to “find” new sources of funding for the right cybersecurity investments - check it out... |
Tool
|
|
|
|
2022-02-09 12:00:00 |
Cybereason XDR for Cloud Workloads: A New Approach to Cloud Security (direct link) |
The modern data-driven economy has accelerated the adoption of cloud computing. In fact, analysts predict there will be more than 100 zettabytes (a billion terabytes) of data stored in the cloud by 2024. |
|
|
|
|
2022-02-09 10:00:00 |
Debunking Three Common Misconceptions about XDR (direct link) |
So, what is XDR anyway? Shorthand for Extended Detection and Response, XDR is a security approach that delivers unified detection and response capabilities across an organization's entire network infrastructure, and we've seen the proliferation of XDR services and platforms over the past few years. |
|
|
|
|
2022-02-09 08:00:00 |
(Déjà vu) Webinar March 9th 2022: Protecting Containers at Runtime with Cybereason XDR for Cloud Workloads (direct link) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Ransomware
|
|
|
|
2022-02-08 18:57:04 |
Cybereason vs. Lorenz Ransomware (direct link) |
Lorenz is a ransomware strain observed first in February of 2021, and is believed to be a rebranding of the “.sZ40” ransomware that was discovered in October 2020. Lorenz targets organizations worldwide with customized attacks demanding hundreds of thousands of dollars, and even millions, in ransom fees. |
Ransomware
|
|
|
|
2022-02-08 14:13:21 |
Financial Services and the Evolving Ransomware Threat (direct link) |
There's no doubt about it, ransomware attackers are increasingly targeting organizations in the financial services sector. As reported by Berkley Financial Specialists, financial institutions reported 635 ransomware-related events in the first half of 2021. That's a 30% increase over the same period from the previous year. |
Threat
Ransomware
|
|
|
|
2022-02-08 10:00:00 |
(Déjà vu) Webinar February 24th 2022: Live Attack Simulation - Ransomware Threat Hunter Series (direct link) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Threat
Ransomware
|
|
|
|
2022-02-07 13:52:48 |
Malicious Life Podcast: Why Aren't SMBs Investing in Cybersecurity? (direct link) |
Attacks against Small-to-Medium size businesses (SMBs) currently represent roughly 40% to 50% of all data breaches. Josh Ablett, founder and CISO of Adelia Risk, speaks with Nate Nelson about the kind of security he usually finds in SMBs when he's called in to make an initial security assessment - spoiler: not a pretty picture - the impact of data breaches on SMBs, and what role do insurance companies play in improving the state of security in that often overlooked segment of the industry - check it out… |
|
|
|
|
2022-02-04 15:18:38 |
Iranian Threat Actors Turn Up Heat on Cyber Cold War (direct link) |
Cybereason released new reports this week sharing discoveries made by our researchers related to two different Iranian threat actors. One of the keys to giving Defenders the tools they need to reverse the adversary advantage is understanding how attackers think and the tools they use - which is why research into emerging tactics and techniques is essential. |
Threat
|
|
|
|
2022-02-04 11:00:00 |
Responding to Multi-Endpoint Threats with XDR (direct link) |
Today's advanced threat actors are capable of gaining access to your network and moving laterally to more sensitive systems in just minutes. Therefore, detection, insight, and speed of response are critical to preventing business disruption, data theft or ransomware. |
Threat
|
|
|
|
2022-02-03 14:22:04 |
Employee Spotlight: Developing a Unified Security Platform (direct link) |
Candidates for engineering roles on our team often ask us whether they need a background in security. The answer is: Definitely not. Many attackers themselves are software engineers, rather than hackers or security experts, and that expertise isn't required to be a Cybereason Defender, either. To help explain why, we asked Team Lead for Anti-Malware and Kernel Engines Dani Koretsky to share an inside look at some of the development work that makes Cybereason possible. |
Guideline
|
|
|
|
2022-02-03 14:08:35 |
CISO Stories Podcast: Do It Internally or Hire a Consultant? (direct link) |
With the cybersecurity talent shortage expected to last many years into the future, what do you do when a particular skill is needed that is not available within the current team? Should you hire someone externally, or bring in a consultant? What are the pitfalls of each approach? John Iatonna, CISO at Spencer Stuart, discusses his experience in making these tough decisions - check it out... |
|
|
|
|
2022-02-02 20:31:48 |
How Cybereason XDR Supports Zero Trust Initiatives (direct link) |
The White House last week released the Federal government's strategy to move agencies toward a Zero Trust approach to cybersecurity. The document formalizes the Biden administration's expectations for Zero-Trust architecture at all federal agencies, with deadlines set to meet various objectives by the end of 2024. |
|
|
|
|
2022-02-02 14:19:19 |
Cybereason XDR: Achieving 10X Reduction in False Positives (direct link) |
Security Operations Center teams, regardless of size or sophistication, are at their breaking point. Alert overload and a “Fear of Missing Incidents” have led to unmanageable stress levels for SOC analysts. Making matters worse, more than half of those alerts are false positives - robbing analysts of time they could use on planning, training, and proactively improving their security program. |
|
|
|
|
2022-02-02 14:13:41 |
XDR: The Key to Empowering Your SOC (direct link) |
Some interesting stats published recently by ITProPortal revealed 55% of technology and security executives said that they intended to increase their cybersecurity budgets by the end of the year. Approximately the same proportion (51%) of respondents revealed that they also planned to increase their number of full-time security professionals in that period. |
|
|
|
|
2022-02-01 05:02:00 |
StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations (direct link) |
Over the past months, the Cybereason Nocturnus Team has been tracking the Iranian hacker group known as Moses Staff. The group was first spotted in October 2021 and claims their motivation is to harm Israeli companies by leaking sensitive, stolen data. |
Ransomware
|
|
|
|
2022-02-01 05:01:00 |
PowerLess Trojan: Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage (direct link) |
Over the past months, the Cybereason Nocturnus Team observed an uptick in the activity of the Iranian attributed group dubbed Phosphorus (AKA Charming Kitten, APT35), known for previously attacking medical research organizations in the US and Israel in late 2020, and for targeting academic researchers from the US, France, and the Middle East region back in 2019. |
Conference
|
APT 35
|
|