Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-08-02 12:04:49 |
Malicious Life Podcast: The State of Credit Card Security (lien direct) |
In 2005, when Albert Gonzalez was hacking his way into the networks of many retail chains in the US (listen to Part 1, Part 2 and Part 3), credit cards were still very insecure: magnetic stripes and signed receipts did little to stop smart hackers such as Gonzalez and his crew. |
|
|
|
|
2021-07-30 20:20:45 |
(Déjà vu) CISO Stories Podcast: Ransomware Attacks and the True Cost to Business (lien direct) |
A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact to the business, including loss of revenue, damage to the organization's brand, unplanned workforce reductions, and little in the way of relief from cyber insurance policies. |
Ransomware
|
|
|
|
2021-07-29 13:45:07 |
Cybereason Offers Comprehensive Visibility and Protection for Diverse Systems (lien direct) |
As enterprise technical infrastructures become more complex, managing them grows increasingly difficult. Protection against the growing problem of cybercrime also remains a key aspect for anyone involved in IT management. Cybersecurity considerations are especially critical for organizations involved in Customer Experience Automation and CRM, such as my company ActiveCampaign. |
|
|
|
|
2021-07-28 12:33:28 |
CISO Stories Podcast: Developing Secure Agile Code Quickly is Very Achievable (lien direct) |
Speed to market is the mantra of software development today. This does not mean that a process is not followed, it means that an iterative approach to software development produces code changes and usable code much faster. |
|
|
|
|
2021-07-27 12:56:20 |
The XDR Advantage: Eliminate Dwell Time and Gain Visibility (lien direct) |
The average cost of a data breach in 2020 was $3.86 million, according to IBM. It was even more expensive for certain entities. Indeed, that cost rose to $8.64 million when attackers succeeded in breaching an organization located in the United States. It was the same story in the healthcare industry, with the cost of data breaches climbing to $7.13 million for affected entities.
|
Data Breach
|
|
|
|
2021-07-26 12:01:59 |
Malicious Life Podcast: The Life and Exploits of Albert Gonzales Part 3 (lien direct) |
In this third installment of the series (Part 1, Part 2), we come back to the story in early 2007 when a Secret Service agent operating out of San Diego takes a flight halfway across the world. He's going to meet with Europe's most prolific stolen credit card salesman. It is this meeting that will be the beginning of the end for Albert Gonzalez and his 'All Star' crew of hackers, international businessmen and mules. |
|
|
|
|
2021-07-22 13:06:52 |
CISO Stories Podcast: Protecting the Crown Jewels (lien direct) |
The crown jewels are those assets representing the highest value to the organization and deserve the greatest investment to protect. Join this podcast with special guest Steve Durbin, Chief Executive at ISF, to learn the importance of protecting these assets throughout the information life cycle - check it out... |
|
|
|
|
2021-07-22 12:00:00 |
Cybereason and CYDERES Partner to Deliver Managed Detection and Response (lien direct) |
Cybereason is thrilled to announce a strategic partnership with CYDERES, the security-as-a-service division of Fishtech Group and a Top 25 MSSP, to bring enhanced Managed Detection and Response (MDR) to our current and future managed security customers. |
|
|
|
|
2021-07-21 20:34:32 |
Everything Cybereason at the Black Hat 2021 Virtual Conference (lien direct) |
The Cybereason team is excited to have you join us at Black Hat 2021 on August 4th from 8:30AM to 5PM PST, and on August 5th from 8:30AM to 4PM PST! Stop by the “virtual” Cybereason booth and automatically be entered to win a Sonos Roam Speaker and other great freebies! |
|
|
|
|
2021-07-21 13:43:27 |
Three Ransomware Attacks that Upped the Ante (lien direct) |
Concern surrounding ransomware attacks is high in the security industry. In our recent global research report titled Ransomware: The True Cost to Business, we found that 81% of the 1,200+ cybersecurity professionals we surveyed were highly or very concerned about the risk of ransomware. |
Ransomware
|
|
|
|
2021-07-20 09:00:00 |
Cybereason Enhances XDR Offering with empow Acquisition (lien direct) |
Today's targeted attacks increasingly take aim at multiple devices and users simultaneously while employing a range of tactics, techniques and procedures (TTPs). To further complicate the work of the defender, traditional security solutions are alert-centric, generating an ever-growing volume of notifications that lack context and fail to correlate to one another even if part of the same attack. This alert-centric, siloed approach gives attackers ample opportunity to hide in the seams, which makes hunting, tracking and eliminating attackers all but impossible. |
|
|
|
|
2021-07-19 12:04:11 |
Malicious Life Podcast: Dave Kennedy on the History of DerbyCon (lien direct) |
DerbyCon was conceived with the notion that it was going to be all about making the security community a family. Dave Kennedy, one of the founders of DerbyCon, talks about the unique vibe of the conference, his fear of clowns, and why he'll never listen to a Busta Rhymes album again - check it out… |
|
|
|
|
2021-07-15 12:15:00 |
Cybereason vs. Prometheus Ransomware (lien direct) |
Prometheus is a relatively new variant of the Thanos ransomware that is operated independently by the Prometheus group, and was first observed in February of 2021. In just a short period of time, Prometheus caused a lot of damage, and breached over 40 companies. |
Ransomware
|
|
|
|
2021-07-15 12:00:00 |
CISO Stories Podcast: Always be a Student - Always be Learning (lien direct) |
Phil Attfield, CEO and founder at Sequitur Labs, discusses his engineering roots and the natural curiosity that led him to developing software tools and in-house products for modeling, synthesis and verification of telecom and network equipment hardware at Nortel. |
|
|
|
|
2021-07-14 12:46:09 |
Cybereason Extends Global Leadership in XDR with $275 Million in Crossover Financing (lien direct) |
The first half of 2021 has seen explosive growth for our company, and the tremendous momentum we are enjoying is just the beginning of what will prove to be a momentous year for the entire Cybereason team. |
Guideline
|
|
|
|
2021-07-13 12:58:13 |
Cybereason Launches Global Defenders League Partner Program (lien direct) |
The Cybereason team is excited to announce the launch of the Cybereason Defenders League, a Global Partner community, designed to reward the cybersecurity industry's most trusted advisors and solution providers by increasing their margins and profitability. Members of this program will gain access to award-winning technology and services to help end users stop cyber attacks. |
|
|
|
|
2021-07-12 18:56:52 |
CISO Roundtable: Ransomware Attacks and the True Cost to Business (lien direct) |
A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact to the business, including loss of revenue, damage to the organization's brand, unplanned workforce reductions, and little in the way of relief from cyber insurance policies. |
Ransomware
|
|
|
|
2021-07-12 12:06:30 |
Malicious Life Podcast: The Life and Exploits of Albert Gonzales Part 2 (lien direct) |
In this second installment of the series (listen to Albert Gonzales Part 1 here), Gonzales is working with the Secret Service and apparently doing an outstanding job. He was such a good employee, in fact, that they had him doing seminars for staff and speaking at government-run conferences. At one point he met personally with the (then) Director of the Secret Service where Gonzales gave a presentation and even got to shake the Director's hand. |
|
|
|
|
2021-07-11 20:30:00 |
Cybereason and Doosan Corp Partner to Secure APAC Enterprises (lien direct) |
Cybereason is excited to announce a partnership with South Korean multinational conglomerate and Global Fortune 2000 leader the Doosan Corporation (Doosan Digital Innovation, or DDI) to protect enterprises from sophisticated cyberattacks on endpoints and across their networks. |
Guideline
|
|
|
|
2021-07-09 14:32:29 |
Summer Webinar Series with CSO Sam Curry (lien direct) |
Join Cybereason CSO Sam Curry for this webinar series where he revisits some of the cybersecurity highlights of the first half of 2021, from the SolarWinds supply chain attacks to DarkSide and other major ransomware operations.
In this series, Sam covers not just the problems confronting defenders so far this year but also the state of play for major ransomware operations, as well as a look at emerging solutions like XDR (Extended Detection and Response) that are designed to reverse the adversary advantage and return the high ground to the defenders.
Register now for one or all of this fascinating summer webinar series: |
Ransomware
|
|
|
|
2021-07-08 13:29:54 |
CISO Stories Podcast: CISO Business Enablement - Getting to Yes (lien direct) |
The CISO is often in a position where vulnerabilities are known and implementing a solution may result in an insecure posture. Should the CISO say 'no we can't do that' or 'figure out how to make it happen'? |
|
|
|
|
2021-07-07 20:27:43 |
REvil Ransomware Attacks: Implications for Kaseya, MSPs and Businesses (lien direct) |
In some ways, the ransomware attack involving Kaseya is a perfectly logical extension of everything we've seen since the end of last year with the disclosure of the SolarWinds attacks: the merger of supply chain exploits with ransomware to kickstart distribution, an even higher bar for extortions, and the same overall ecosystem at work. In other words, no surprises. |
Ransomware
|
|
|
|
2021-07-06 15:45:16 |
Cybereason vs. REvil Ransomware: The Kaseya Chronicles (lien direct) |
As a spate of ransomware attacks continue to dominate the headlines in recent months, the infamous REvil ransomware gang has upped the ante significantly with a wide ranging operation that is suspected to have impacted thousands of small-to-midsize businesses through the compromise of a leading IT services provider. |
Ransomware
Guideline
|
|
|
|
2021-07-06 14:17:09 |
Malicious Life Podcast: Jeff Moss on the History of DEF CON (lien direct) |
Jeff Moss, founder of the DEF CON Hacker conference (as well as Black Hat), discusses the origins of DEF CON, its "interesting relationship” with law enforcement and intelligence agencies, and some of the notable shenanigans the conference attendees pulled off over the years - check it out… |
|
|
|
|
2021-07-01 09:28:08 |
CISO Stories Podcast: Why Relationships Matter if You Want to Elevate Security (lien direct) |
Communication in any organization can be a challenge, especially when working with different levels of government and various funding mechanisms. |
|
|
|
|
2021-06-30 13:33:56 |
What SMBs Need to Know about Ransomware Attacks (lien direct) |
Ransomware attacks are on the rise. A recently released report by Cybereason, titled Ransomware: The True Cost to Business, detailed how malicious actors are fine-tuning their ransomware campaign tactics, and how both the frequency and severity of successful ransomware attacks have tremendous impact on victim organizations and their ability to conduct business. |
Ransomware
|
|
|
|
2021-06-28 14:08:06 |
Malicious Life Podcast: The Life and Exploits of Albert Gonzales Part 1 (lien direct) |
It was as a teenager that Albert Gonzalez, one of the greatest cybercriminals in history, developed the obsession that would go on to ruin his life. Gonzalez and some of his friends would go on to pull off some of the most remarkable crimes in the history of computers - but they just didn't know when to stop. If they did, they might have gotten away with it, and they might not have ruined their lives. |
|
|
|
|
2021-06-25 22:54:59 |
Ransomware Attacks: Will G7 and Biden-Putin Summits Prove Fruitful? (lien direct) |
I've been very busy lately. Between the back-to-back ransomware attacks and the release of our ransomware report highlighting the impact on business from ransomware attacks, I have been asked to share my thoughts and insights on a variety of broadcast and print media outlets. |
Ransomware
|
|
|
|
2021-06-23 12:56:41 |
CISO Stories Podcast: Fixing the Talent Shortage - CyberSecurity Talent Initiative (lien direct) |
As threats to the nation's security grow, there remains a substantial shortage of skilled cybersecurity professionals. The federal government and private sector can work together to fill their open positions and attract the next generation of motivated mission-driven cybersecurity leaders. |
Guideline
|
|
|
|
2021-06-22 13:07:04 |
Malicious Life Podcast: History of the THOTCON Hacking Conference (lien direct) |
THOTCON is not your ordinary, run-of-the-mill security conference, and it's obvious from the moment you browse their website. How did a local, small-scale event in Chicago grow to become a major cybersecurity conference? What is its connection to The Matrix movie? |
|
|
|
|
2021-06-21 13:34:19 |
XDR: The Key to Higher Education\'s Fight Against Ransomware (lien direct) |
A single student recently became the conduit for a ransomware attack at a biomolecular institute. According to ZDNet, the attack occurred when a student at the unnamed European organization attempted to find a free version of a data visualization software solution. |
Ransomware
|
|
|
|
2021-06-17 12:40:51 |
CISO Stories Podcast: So You Want to be a Cyber Spy? (lien direct) |
Ira Winkler, CISO at Skyline Technology Solutions, recounts his amazing journey from wannabe astronaut to NSA intelligence analyst, social engineer, systems hacker and author, and some of the crazy things that happened along the way - check it out... |
|
|
|
|
2021-06-17 12:32:14 |
Biden-Putin Summit and Why Threat Actors Just Won\'t Give it a Rest (lien direct) |
On June 11, McDonald's said in a message to its U.S. employees that it had discovered unauthorized activity on an internal security system. The burger chain responded by bringing on some external consultants to investigate what had happened, reported the Wall Street Journal. |
Threat
|
|
|
|
2021-06-16 04:04:05 |
Report: Ransomware Attacks and the True Cost to Business (lien direct) |
Ransomware attacks have continued to make headlines, and for good reason: on average, there is a new ransomware attack every 11 seconds, and the losses to organizations from ransomware attacks is projected to reach $20 billion over the course of 2021 following a record increase in losses of more than 225% in 2020. So what is the true cost to businesses who have been impacted by a ransomware attack? |
Ransomware
|
|
|
|
2021-06-15 15:00:00 |
Russia\'s Offer to Extradite Attackers - and a Grain of Salt (lien direct) |
President Vladimir Putin said that Russia would be willing to hand over cyber criminals to the United States if Washington agreed to reciprocate. According to Reuters, Putin disclosed his country's willingness to work with the United States on prosecuting cyber criminals in an interview aired by state television over the weekend. |
|
|
|
|
2021-06-15 13:46:35 |
Deja Vu: What Do NotPetya and SolarWinds Have in Common? (lien direct) |
As I was waking up in Boston on the morning of June 27, 2017, reports were being shared on social media that an electric power supplier in Ukraine was hit by a cyber attack. Within about an hour, a Danish power supplier was also knocked offline and Maersk shipping announced that it was affected as well. By the time I arrived at my desk, companies around the world were shut down by the same attack--which Symantec declared as Petya ransomware. It was going to be a busy and interesting day. |
|
NotPetya
NotPetya
|
|
|
2021-06-15 12:56:41 |
Malicious Life Podcast: China\'s Unrestricted Cyberwarfare Part 3 (lien direct) |
For more than a decade, China orchestrated a sophisticated espionage campaign against Nortel Networks, using Huawei, Chinese civilians working in Canada, and even organized crime gangs to steal important technical and operational information. When Nortel finally fell, the Chinese were there to reap the rewards of their death. |
|
|
|
|
2021-06-14 11:59:48 |
Ransomware Attacks are Evolving: What You Need to Know (lien direct) |
One look at all the ransomware attacks from the past few years, and it's clear that crypto-malware actors are attempting to maximize their financial gain. We've observed these threat groups using multiple techniques to profit even more off their victims than in years past. Here are a few tactics that stood out to us.
|
Ransomware
Threat
|
|
|
|
2021-06-09 13:23:33 |
CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again! (lien direct) |
We want to trust our employees and contractors working within our organizations. For the most part, people are doing their jobs with integrity every day. What happens when an employee decides to leave the organization and start their own business – but with your Intellectual property or customer lists? |
|
|
|
|
2021-06-08 20:14:43 |
DOJ Recovers $2.3M in Bitcoin Ransom Paid by Colonial Pipeline (lien direct) |
Investigators recovered $2.3 million in bitcoin paid by the Colonial Pipeline Company to DarkSide following a ransomware attack in early May. On June 7, the Department of Justice (DOJ) revealed that law enforcement agencies had been tracking transfers of bitcoin when they spotted the movement of 63.7 bitcoins associated with the Colonial Pipeline Company's ransom payment. |
|
|
|
|
2021-06-08 18:47:33 |
Webinar: Live Ransomware Attack Simulation (lien direct) |
If you're concerned about ransomware, whether it's beating REvil or DarkSide, stopping data exfiltration, or preventing the latest trend of double extortion, this session is for you!
Join us for a live ransomware attack simulation, where we'll discuss the latest attack trends, walk through a multi-stage ransomware attack. |
Ransomware
|
|
|
|
2021-06-08 13:25:12 |
Malicious Life Podcast: Inside the DarkSide Colonial Pipeline Attack (lien direct) |
On Friday, May 7th, 2021, Colonial Pipeline suffered a cyberattack that forced the company to shut down its operations. As a result, gasoline outages were reported across the U.S. East Coast. |
|
|
|
|
2021-06-07 12:14:36 |
Market Drivers for XDR and MSSP Service Opportunities (lien direct) |
In my last article, we looked at how to define Extended Detection and Response (XDR) solutions from an MSSP perspective and where it fits in as part of an overall Managed Detection and Response (MDR) service offering. |
|
|
|
|
2021-06-03 12:56:16 |
CISO Stories Podcast: CISOs Cross the Bridge to the Cloud (lien direct) |
Today, most organizations have moved some or all of their workloads to the cloud.This migration provides opportunities of scale, flexibility and speed, but the data moves further away from the physical control of the organization. |
|
|
|
|
2021-06-02 18:46:55 |
Cybereason vs. REvil Ransomware (lien direct) |
According to reports, meatpacking giant JBS was hit with a serious attack reportedly involving REvil ransomware, shutting down a good portion of the company's production capabilities and threatening to create supply chain disruptions and sharp cost of goods increases. |
Ransomware
|
|
|
|
2021-06-02 12:01:43 |
Cybereason Joins with MITRE Engenuity\'s Center for Threat-Informed Defense (lien direct) |
Cybereason is excited to announce that it is now a research sponsor of the Center for Threat-Informed Defense, allowing collaboration on applied research and development to improve cyber defenses at scale for the global security community. |
|
|
|
|
2021-06-01 16:53:30 |
SolarWinds Threat Actors Behind New Email Attack Campaign (lien direct) |
The threat actors behind last year's SolarWinds supply chain attack have launched a new email attack campaign aimed at organizations around the world. This attack wave attracted the attention of the Microsoft Threat Intelligence Center (MSTIC) on May 25. |
Threat
|
|
|
|
2021-06-01 12:51:20 |
The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow (lien direct) |
In the past few months, we've faced massive attacks with SolarWinds and the HAFNIUM attacks targeting Microsoft Exchange, followed by the unprecedented ransomware attack by DarkSide that crippled US critical infrastructure. It is time to ask ourselves again, what is really going on? More importantly, the time has come for the United States government to do some soul searching on why defenses have failed and how we can prevent similar attacks in the future. |
Ransomware
|
|
|
|
2021-06-01 12:13:07 |
Malicious Life Podcast: China\'s Unrestricted Cyberwarfare Part 2 (lien direct) |
In China's Unrestricted Cyberwarfare Part 1 we explored the story of two Chinese military officers, veterans of the semi-conflict with Taiwan, who helped shape the role of cyber in modern warfare in China and beyond with special guest Lieutenant Colonel, USMC (retired) Bill Hagestad, a leading international authority on cyberwarfare and Chinese cyber operations and capabilities specifically. |
Guideline
|
|
|
|
2021-05-27 12:51:11 |
XDR: Moving Beyond the Limits of SIEM and SOAR (lien direct) |
Organizations around the world are under siege from cyberattacks, and they need tools that can protect against malware, exploits, and increasingly sophisticated attacks on both devices and users. SIEM, SOAR and EDR technologies all have their benefits, but organizations with mature security programs are looking to move beyond the limits of these offerings - that's where the advent of XDR comes into play. |
|
|
|