What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-02 01:01:00 | Cybereason Partners with SiS International to Protect Joint Customers in Hong Kong (lien direct) |
Cybereason and SiS International Limited, a leading IT distributor in Hong Kong, are partnering to protect enterprises in Hong Kong from today's sophisticated cyberattacks. |
Guideline | ||
|
2021-12-01 15:04:34 | Join Us for DefenderCon 2021! (lien direct) |
Mark your calendar for December 14 as Cybereason will be hosting DefenderCon'21 – a virtual conference celebrating our global cybersecurity community. Defenders from around the world will come together to hear from industry leaders and cybersecurity visionaries and learn what's on the horizon in our mission together to reverse the adversary advantage and end cyber attacks from endpoints to everywhere. |
Guideline | ||
|
2021-12-01 14:02:43 | Ransomware Underscores Need for Layered, Predictive Defenses (lien direct) |
A congressional investigation into the ransomware attacks that targeted CNA Financial Corp., Colonial Pipeline Co., and JBS Foods USA found that in all three cases the attackers exploited “small failures” in the security postures of the companies. |
Ransomware | ||
|
2021-12-01 13:33:32 | AI/ML Powered Automation: The Future of Cybersecurity at Scale (lien direct) |
Cybersecurity professionals are simply not able to keep up with the growing flood of enterprise security alerts. A 2020 survey determined that the volume of security alerts had increased as much as 50% for four out of five SOC analysts over the preceding year, as reported by ITSecurityWire. |
|||
|
2021-11-30 13:45:43 | Cybereason v21.1 LTS: Advancing Prevention, Detection and Response (lien direct) |
This month Cybereason has released our next long-term support version, 21.1 LTS, that brings additional functionalities that drastically improve how defenders can predictively prevent, detect and respond to known and emerging threats. |
|||
|
2021-11-30 13:40:01 | A Brief History of Ransomware Evolution (lien direct) |
Wondering where the scourge of ransomware attacks currently stands? In a recent report titled Ransomware: The True Cost to Business, we noted that ransomware attacks occur about every 11 seconds. That rate translates into about 3 million ransomware attacks over a year. |
Ransomware | ||
|
2021-11-29 12:55:53 | Malicious Life Podcast: Wild West Hackin\' Fest (lien direct) |
The Wild West Hackin' Fest is a unique security conference - not only because it's held in South Dakota, and not only because of the Wild West visual vibe - but also because of the emphasis it puts on diversity and lowering the entry barriers for people who wish to join the world of information security. We talked at length with John Strand, one of the conference's founders - check it out... |
|||
|
2021-11-29 06:00:00 | Webinar December 1st: Ransomware Attackers Don\'t Take Holidays (lien direct) |
Cybereason recently released a research report, titled Organizations at Risk: Ransomware Attackers Don't Take Holidays, that focuses on the threat that ransomware attacks during the weekends and holidays pose to organizations as we move into the holiday season. The global survey includes responses from 1,200+ security professionals at organizations that have previously suffered a successful ransomware attack. |
Ransomware Threat | ||
|
2021-11-24 14:40:41 | CISO Stories Podcast: Which Approach Wins - Compliance or Risk? (lien direct) |
Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security? LBMC's Mark Burnette joins the podcast as the differences between compliance and true security are discussed - check it out... |
|||
|
2021-11-23 13:29:20 | Which Data Do Ransomware Attackers Target for Double Extortion? (lien direct) |
Double extortion is one of the most prevalent ransomware tactics today. The attackers first exfiltrate sensitive information from their target before launching the ransomware encryption routine. The threat actor then demands a ransom payment in order to regain access to the encrypted assets along with an additional threat to publicly expose or otherwise release the data if the ransom demand is not met promptly. |
Ransomware Threat | ||
|
2021-11-22 13:34:10 | Malicious Life Podcast: Inside Operation Flyhook Part 2 (lien direct) |
To capture Alexey Ivanov and his business partner and bring them to justice, the FBI created an elaborate ruse: a fake company named Invita, complete with a fake website and a fake office building. Ray Pompon, a security professional, was brought in as an 'evil security consultant' to convince Alexey to demonstrate his hacking skills on a pre-arranged honeypot - check it out... |
|||
|
2021-11-19 19:34:07 | Dear Defenders, (lien direct) |
The changing of the leaves and the brisk fall mornings around Boston are a sign that 2021 is nearing its end. It's a time that I like to reflect on the year gone by and think about the potential for the new year. |
|||
|
2021-11-18 12:06:57 | CISO Stories Podcast: Who is Your SOC Really For? (lien direct) |
Managing the volume of security events and continuous threat intelligence can be daunting for the largest of organizations. How do you increase the effectiveness of a Security Operations Center (SOC) and share this information across the organization for greater efficiency and adoption? Ricardo Lafosse, CISO at Kraft Heinz, explains - check it out... |
Threat | ||
|
2021-11-17 05:03:00 | Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays (lien direct) |
In June of 2021, Cybereason published a global research report, titled Ransomware: The True Cost to Business, which revealed that the vast majority of organizations that have suffered a ransomware attack experienced significant impact to the business as a result. The consequences included loss of revenue, damage to the organization's brand, unplanned workforce reductions, and disruption of business operations. |
Ransomware | ||
|
2021-11-17 05:02:00 | Predictive Ransomware Protection: The Key to Ending a Global Crisis (lien direct) |
Successful ransomware attacks take time. They involve gaining a foothold in the enterprise, conducting reconnaissance, escalating privileges, and then locating and exfiltrating your organization's most sensitive data. The entire process, up until the point that the attackers encrypt your data, could take weeks or months. |
Ransomware | ||
|
2021-11-17 05:01:00 | Cybereason Partners with Moviri to Deliver Operation-Centric Security (lien direct) |
Cybereason is joining forces with Moviri, the leading Italian technology consulting and software group specializing in analytics, IoT and cybersecurity solutions to deliver operation-centric security to joint customers. |
Guideline | ||
|
2021-11-16 14:28:03 | RansomOps: Detecting Complex Ransomware Operations (lien direct) |
In a recent blog post we discussed how today's more complex RansomOps attacks are more akin to stealthy APT-like operations than the old “spray and pray” mass email spam campaign of old, and how there are multiple players from the larger Ransomware Economy at work, each with their own specializations. |
Ransomware Spam | ||
|
2021-11-15 14:45:26 | Malicious Life Podcast: Inside IP/BGP Hijacking (lien direct) |
In 2016, for six straight months, communications between Canadian and Korean government networks were hijacked by China Telecom and routed through China. In 2017, traffic from Sweden and Norway to a large American news organization in Japan was hijacked to China for about 6 weeks. |
|||
|
2021-11-12 12:52:05 | Ransomware Whack-a-Mole (lien direct) |
Pretty much everyone is familiar with the carnival game Whack-a-Mole. No matter how many moles you bash with the mallet, it seems like two more pop up in its place. It's commonly used to describe cybersecurity and the ransomware news this week illustrates why Whack-a-Mole is an appropriate metaphor. |
Ransomware | ||
|
2021-11-12 06:00:00 | Cybereason and Nuspire Partner to Empower Organizations to Stop Cyber Attacks (lien direct) |
Earlier this year, the Cybereason Managed Detection and Response (MDR) service offering was named a Strong Performer in the Forrester Wave™: Managed Detection and Response, Q1 2021 report. |
|||
|
2021-11-11 14:12:40 | CISO Stories Podcast: Do You Know Where Your Data Is? (lien direct) |
Today, data is everywhere as users are working remotely, storing information in the cloud, downloading to and from USB drives, and so on. William Miaoulis, CISO at Auburn University, joins the podcast to discuss some of the typical situations that lead to the exposure of sensitive information and how to prevent them - check it out... |
Guideline | ||
|
2021-11-10 14:02:00 | Why XDR is a \'Must Have\' for Organizations of Every Size (lien direct) |
According to Grand View Research, the global Extended Detection and Response (XDR) market is expected to reach $2.06 billion by 2028 after climbing at a CAGR of 19.9% over seven years. This forecast is predicated on market optimism that XDR will enable organizations to navigate a growing number of integrations between new and existing security solutions, as well as the notion that security teams can use XDR to increase their visibility across disparate but critical assets to detect and arrest attacks earlier. |
|||
|
2021-11-10 14:01:00 | Cybereason Earns Gold OPSWAT Access Control Certification (lien direct) |
Cybereason has earned the coveted Gold-level OPSWAT Certified Security Applications verification for the Cybereason Sensors ActiveProbe 21.X for Windows, Mac and Linux endpoints. The OPSWAT Access Control Certification Program is the industry standard for the interoperability of endpoint security software--a key factor in ensuring a consistent user experience. |
|||
|
2021-11-09 18:46:51 | (Déjà vu) THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware (lien direct) |
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Ransomware Threat | ||
|
2021-11-09 13:50:36 | The Ransom Disclosure Act and Defending Against Complex RansomOps (lien direct) |
On October 5, U.S. Senator Elizabeth Warren (D-Mass.) introduced the Ransom Disclosure Act. She framed it as something that could help the U.S. government learn more about how ransomware operations work. |
Ransomware | ||
|
2021-11-08 22:43:45 | When Your EDR Vendor Attacks! (lien direct) |
Florian Roth, Head of Research at Nextron Systems in Germany, received a series of alerts on Nov. 6 that had all the telltale signs of a potentially serious security breach. |
|||
|
2021-11-08 21:46:59 | Zero Trust Race is On: Do You Have the Right Engine? (lien direct) |
The shift to a Zero Trust security model has become a top priority for many organizations, driven by record levels of ransomware attacks and a rapidly expanding attack surface stemming from the move to remote work and accelerated cloud adoption. |
Ransomware | ||
|
2021-11-08 17:04:14 | The CISA Directive Is Crucial for Cybersecurity (lien direct) |
As the CEO of a cybersecurity company, it's important to stay informed--to know about breaking news, emerging threats, and rising trends to provide direction for the company and protection for our customers. One story that stood out to me last week was the news that CISA issued a new directive to federal agencies. The mandate establishes an aggressive timeline for federal agencies to address known vulnerabilities in their environments. More importantly, though, the guidance will change how government agencies deal with cybersecurity moving forward and improve our ability to defend against attacks. |
|||
|
2021-11-08 13:47:47 | Malicious Life Podcast: Inside Operation Flyhook Part 1 (lien direct) |
Alexey Ivanov was exactly the kind of person to benefit from the early-2000's dot-com boom: he was bright, talented and really knew his stuff. His only problem was the fact that he was born in Chelyabinsk, a sleepy Russian town in the middle of nowhere. When he sent his résumé to American companies, nobody was willing to bet on him. |
|||
|
2021-11-04 14:03:12 | Cybereason Recognized in The Herd 100 Top Emerging Privately Held U.S. Technology Companies (lien direct) |
Cybereason has been honored by recognition in The Herd 100, D.A. Davidson's ranking of the Top 100 private technology companies. The Cybereason operation-centric security approach enables defenders to outthink and outpace sophisticated cyber threats from nation-state attackers and cybercriminal groups. |
|||
|
2021-11-04 13:00:55 | CISO Stories Podcast: The Nexus of Security, Privacy and Trust (lien direct) |
Allison Miller, CISO at Reddit, discusses the challenges across stakeholders from end-users to service providers in addressing the nexus of Security, Privacy and Trust - should they be equally weighted? In what circumstances does the need for one outweigh the need for the others? What does the future hold for our efforts to find the right balance between them? Check it out... |
|||
|
2021-11-03 20:34:19 | Webinar November 18th: Anatomy of a Ransomware Attack (lien direct) |
Join Cybereason CEO and co-founder Lior Div and CSO Sam Curry as they break down the anatomy of a ransomware attack. Learn how Cybereason enables defenders to protect themselves and orchestrate the best ransomware defenses. |
Ransomware | ||
|
2021-11-03 13:00:27 | Actionable XDR Telemetry vs. Uncorrelated SIEM Alerts (lien direct) |
As a class of security tools, Security Information and Event Management (SIEM) finds itself in a curious position. On the one hand, the global SIEM market is expected to continue growing over the next few years.
PRNewswire reported that the market is expected to reach $6.4 billion by 2027. Such growth implies a CAGR of 6.8% over the next six years. It also means that continuous monitoring, incident response, regulatory compliance, and log management will remain priorities for organizations during that period. |
|||
|
2021-11-03 00:00:00 | Cybereason and Tech Data Partner to End Cyberattacks in Asia Pacific Region (lien direct) |
Cybereason is joining forces with Tech Data, a TD SYNNEX company and a leading global distributor of IT solutions, to protect enterprises across Asia Pacific from sophisticated cyberattacks. |
Guideline | ||
|
2021-11-02 12:23:58 | What Are the Most Common Attack Vectors for Ransomware? (lien direct) |
There's been record growth of ransomware attacks in 2021. A recent report documented 304.7 million attack attempts in the first six months of the year, as reported by Threatpost. That's 100,000 more attempts than the total volume logged in all of 2020. |
Ransomware | ||
|
2021-11-01 19:00:18 | NOBELIUM Demonstrates Why Microsoft Is the Weakest Link (lien direct) |
Microsoft platforms and products are ubiquitous. Government agencies and companies of all sizes and industries around the world rely on Microsoft software to get things done. They are also riddled with security weaknesses and vulnerabilities, which makes them a common--almost universal--vector for attacks. Microsoft is an Achilles heel that can make organizations vulnerable. |
|||
|
2021-11-01 17:47:05 | Conti Ransomware Gang Strikes \'Jeweler to the Stars\' (lien direct) |
What do Oprah Winfrey, Donald Trump, and David Beckham have in common? Apparently, they are all clients of Graff-known as the “Jeweler to the Stars” because of its clientele of Hollywood A-listers and affluent who's who in the world. Now they have something else in common-their personal details were leaked on the Dark Web by the Conti ransomware gang following an attack on Graff. |
Ransomware | ||
|
2021-11-01 16:40:06 | Video: Google Cloud and Cybereason Shift the XDR Paradigm to \'Detect and Anticipate\' (lien direct) |
Cybereason and Google Cloud recently entered into a strategic partnership to bring to market a joint solution, Cybereason XDR powered by Chronicle, in support of our joint mission to reverse the adversary advantage. |
|||
|
2021-11-01 14:49:45 | Ransomware Head to Head: Why Does Cybereason Anti-Ransomware Win Over SentinelOne? (lien direct) |
Recent ransomware attacks have shown that stakes are high. One recent attack demanded a ransom of $70m in cryptocurrency, and it is estimated that organizations paid nearly $600 million in ransom payments in just the first half of 2021--more than the total for all of 2020. Building out an anti-ransomware strategy is not just a good idea anymore, it is imperative. However, there are quite a few vendors in the market, making the selection process difficult. Today, we'll break down why customers continually choose Cybereason, especially over competitors such as SentinelOne. |
Ransomware | ||
|
2021-11-01 11:56:01 | Malicious Life Podcast: In Defense of the NSA (lien direct) |
The National Security Agency is one of the world's most formidable and powerful intelligence agencies. Some people fear that the NSA's advanced capabilities could one day be directed inwards instead of outwards. |
|||
|
2021-10-29 15:49:18 | (Déjà vu) Webinar November 11th: Live Attack Simulation - Ransomware Threat Hunter Series (lien direct) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Ransomware Threat | ||
|
2021-10-28 13:00:12 | (Déjà vu) THREAT ANALYSIS REPORT: Snake Infostealer Malware (lien direct) |
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Malware Threat | ||
|
2021-10-28 12:47:56 | CISO Stories Podcast: Five Mistakes Impacting Security and Privacy Policy Creation (lien direct) |
Charles Cresson Wood set the 'gold standard' for policy guidance with the book Information Security Policies Made Easy, now in its 14th version. Wood has extensively researched what separates good processes from bad and has helped countless organizations develop and deliver sound policies that work to enable the business. Wood joins the podcast to discuss the five key mistakes teams make in creating and delivering impactful security and privacy policies for any organization - check it out... |
|||
|
2021-10-28 12:00:00 | (Déjà vu) Webinar: Live Attack Simulation - EMEA Ransomware Threat Hunter Series (lien direct) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Ransomware Threat | ||
|
2021-10-27 17:25:51 | (Déjà vu) THREAT ALERT: Malicious Code Implant in the UAParser.js Library (lien direct) |
The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them. |
Threat | ||
|
2021-10-27 12:39:34 | What is XDR? Understanding Extended Detection and Response (lien direct) |
XDR, shorthand for the product category of Extended Detection and Response, is a security approach that extends the power of EDR (Endpoint Detection and Response) capabilities to create integrated detection and response across not only endpoints, but also application suits, user personas, on-premises data centers as well as workloads hosted in the cloud. |
|||
|
2021-10-26 15:21:56 | Microsoft Publishes Veiled Mea Culpa Disguised as Research (lien direct) |
The Microsoft Threat Intelligence Center (MSTIC) shared a report warning that NOBELIUM-the threat actor behind the SolarWinds attacks-is targeting delegated administrative privileges as part of a larger malicious campaign.
Microsoft cautions that attackers are attempting to gain access to downstream customers of multiple cloud providers, managed service providers (MSPs), and IT services organizations in what at first glance appears to be a standard threat intelligence report, but upon examination more closely resembles a technical vulnerability disclosure. |
Vulnerability Threat | ||
|
2021-10-26 15:13:47 | EDR Buyer\'s Guide: Microsoft E5 Licenses and Security Risks (lien direct) |
There is no shortage of options for security teams undergoing an evaluation of EDR and EPP solutions currently available to the market. With roughly 30 serious vendors focused specifically on EDR and EPP, the differences between them are vast with unique approaches and capabilities delivered by each. |
|||
|
2021-10-26 12:57:41 | (Déjà vu) An Operation-Centric Approach to RansomOps Prevention (lien direct) |
Editor's Note: Unlock the knowledge, resources and expert guidance you need to successfully prevent ransomware attacks from impacting your organization's operations with this complimentary Ransomware Toolkit... |
Ransomware | ||
|
2021-10-25 16:22:58 | Webinar: Live Attack Simulation - Ransomware Threat Hunter Series (lien direct) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Ransomware Threat |
To see everything:
Our RSS (filtrered)
