What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-11-02 05:00:00 | Back to the Future: Inside the Kimsuky KGH Spyware Suite (lien direct) |
Research by: Assaf Dahan, Lior Rochberger, Daniel Frank and Tom Fakterman |
|||
|
2020-10-30 19:55:19 | Law Enforcement Warns of Imminent Ransomware Threat to U.S. Hospitals (lien direct) |
On October 29, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) published a joint alert with the Federal Bureau of Investigations (FBI) and the Department of Health and Human Services (HHS). In it, the organizations claimed to “have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” CISA, the FBI and HHS attributed the threat to the digital criminal enterprise behind TrickBot, malware which is capable of targeting victims with ransomware. |
Ransomware Malware Threat | ||
|
2020-10-30 10:54:33 | Ryuk Ransomware: Mitigation and Defense Action Items (lien direct) |
The FBI, DHS, and HHS are warning of imminent Ryuk ransomware attacks targeting hospitals in the US. The story is being covered broadly by the industry media, including Krebs and various media outlets. |
Ransomware | ||
|
2020-10-29 18:09:04 | Heart of Cyber Darkness: How I Became a Defender (lien direct) |
When I went back into the workforce after my last degree in 1996, I made a big leap and returned to Canada to join a small team of passionate people in a brand new company called Signal 9 Solutions. I packed my bags and headed to the village of Ashton, Station Ontario not far from Ottawa, where thanks to my friend (and boss) Phil Attfield, I had a bed in Phil's basement, which had just flooded to due a thaw and snap freeze; I drove a green-minded, propane power Chrysler K-car with AM-only radio. This was the dream if you can believe it a quarter century later. |
|||
|
2020-10-28 03:24:21 | Cybereason\'s Commitment to Defenders Now Backed by $1 Million Breach Protection Warranty (lien direct) |
At Cybereason, we ask defenders to place their trust in us to protect their valuable assets, and in return we believe we owe them a level of accountability worthy of that trust. As an affirmation of our commitment to our customers and the confidence we have in the effectiveness of our platform, we are pleased to announce the Cybereason Breach Protection Warranty (PDF), which provides up to $1 Million in coverage in the event of a breach. |
|||
|
2020-10-26 12:41:40 | Finding Our Brand Voice: Champions for the Defender (lien direct) |
When I was considering joining Cybereason as CMO earlier this year, one of the first things that stood out to me was the company's stellar technology. In 2020 alone some of the world's most respected analyst firms and testing labs have rated Cybereason the industry's top endpoint protection platform. Cybereason is also one of the planet's fastest-growing, most well-funded cybersecurity companies with more than $400M in investment, a team that has doubled in just 1.5 years, and a customer base that grew by more than 100 percent within the same period. |
|||
|
2020-10-16 20:18:40 | Cybereason Capture The Flag: Challenge Overviews (lien direct) |
In August, we hosted our first ever Cybereason Capture The Flag competition. While we intended to start small and grow, we had an impressive level of participation approaching almost 900 people! We had a blast building the challenges and interacting with all the participants, and hope you'll join us for a future event! |
|||
|
2020-10-15 12:00:00 | It\'s October: YES, National Cybersecurity Awareness Month Still Matters (lien direct) |
It's Cybersecurity Awareness Month. Again. And the question comes up as it does every year, as to whether more awareness is needed or is a good thing. For example, studies have shown that after a certain point, there are diminishing returns with the same anti-phishing training. |
Studies | ||
|
2020-10-14 13:30:00 | Security All In Podcast: Live Episode with Cybereason CEO Lior Div (lien direct) |
With each major data breach the role of the Chief Information Security Officer becomes more complex, and more crucial. Ditch whatever preconception you may have-these individuals manage risk on a daily basis, with one foot in the world of business and another in the world of cybersecurity. |
Data Breach | ||
|
2020-09-24 18:56:25 | German Ransomware Attack: A Rallying Cry for Bullish Diligence (lien direct) |
According to recent reports, a woman in Germany died after a ransomware attack against a hospital system forced her to be rerouted to a more remote facility, delaying critical treatment by an hour. This event is undoubtedly a tragedy for the woman, her family, for Germany, and for the security community. |
Ransomware | ||
|
2020-09-22 17:23:19 | VB2020: Anchor, Bazar, and the Trickbot Connection (lien direct) |
VB2020, the annual Virus Bulletin international conference “featuring the latest and best research on malware, malicious actors and threat intelligence,” has gone virtual this year and will be live-streamed 30 Sept - 2 Oct, 2020. The conference is free of charge, and offers a wide selection of presentations for on-demand viewing in addition to the live sessions. |
Threat | ||
|
2020-09-15 19:03:34 | Digital Forensic Breadcrumbs at the 2020 Grace Hopper Celebration (lien direct) |
Cybereason will be present at the 2020 Grace Hopper Celebration, the world's largest gathering around the research and career interests of women in computing happening in October. With 25,000 participants expected to attend, and keynotes from Serena Williams and Megan Rapinoe, the Grace Hopper Celebration brings together women in STEM across the globe, in the first ever virtual edition of the conference. |
|||
|
2020-09-08 21:08:15 | Cybereason\'s Commitment to Inclusion in Cybersecurity (lien direct) |
We are currently living through the one of the largest worldwide social justice movements in history. While discussions about racial injustice are focused on the United States and the Black Lives Matter movement, issues of equity and inclusion affect people worldwide, from our employees to our global customer community. With a mission to protect people and information in an open and connected world, we believe we must do what we can to create a welcoming environment for all defenders. |
|||
|
2020-09-03 04:00:00 | No Rest for the Wicked: Evilnum Unleashes PyVil RAT (lien direct) |
Research by: Tom Fakterman |
|||
|
2020-08-25 20:01:29 | Time for an Upgrade: How to Switch from Symantec to Cybereason (lien direct) |
The enterprise perimeter today is more distributed than ever, and securing it requires a strong understanding of the adversary and the evolving attack landscape. Since our founding in 2012, Cybereason has proven effective in stopping the most advanced attacks, and we continue to push the boundaries of innovation in our mission to enable organizations to remain secure in the face of evolving threats. |
|||
|
2020-08-21 12:00:00 | Operation Blackout Virtual Edition: Election Security Tabletops (lien direct) |
Recent times have seen election tampering by special interest groups and foreign powers in the United States, Europe and Asia. With looming, late 2020 elections across the world and a global pandemic underway, Cybereason has been hosting election security tabletop exercises in partnership with both public and private sector professionals to test our resilience to possible disruptions. |
|||
|
2020-08-20 15:22:18 | Cyber Security Tips for Allowing Employees to Work From Home (lien direct) |
Around the world, many people already work full-time from the comfort of their homes or local coffee shops. Employers have discovered, and research has consistently shown, that when employees telework, they remain productive due to having fewer distractions and spending less time commuting. |
★★★★ | ||
|
2020-08-18 13:00:00 | Deepfakes: Novelty Trend or Novel Threat? (lien direct) |
Speculation over the potential for misuse of AI and machine learning technologies have been bandied about for longer than the practical applications of these technologies have been available. We've seen concerns manifest in popular culture as depictions of a dystopian future, and while reality is considerably less dramatic, there have been some developments that are nonetheless worthy of examination. |
|||
|
2020-08-13 19:01:45 | Hacker Summer Camp is Cancelled, Long Live Virtual Hacker Summer Camp (lien direct) |
A few months ago, in light of the ongoing pandemic, fears that hacker summer camp would be cancelled were realized. However, festivities still continued for some conferences, albeit in a virtual format. Last week, the Black Hat USA conference and DEFCON were made virtual, with BSides Las Vegas cancelled and the Diana Initiative pushed back a few weeks. |
|||
|
2020-08-10 19:23:42 | Protecting Against Potential Cybersecurity Threats Brought on by Remote Work (lien direct) |
Over the past few years, it has become clear that just trying to block out cybersecurity threats is not enough to protect an organization. Everyone now understands that firewalls and traditional antivirus solutions are not enough, as breaches are inevitable. |
|||
|
2020-08-06 16:35:16 | Increase in Remote Work Spurs Demand for EDR Cybersecurity (lien direct) |
The global coronavirus outbreak has sparked a surge in organizations requiring their employees to work from home. To remain productive and competitive, remote workers need to be able to do everything they can do from their desk at the office. However, with this increase in telework, cybersecurity has become a major concern for these companies as large numbers of employees access their organization's network from remote locations. |
|||
|
2020-08-04 16:02:12 | The 5 Sessions We Are Most Excited for at Virtual Black Hat USA 2020 (lien direct) |
Hacker summer camp may be cancelled, but thankfully we are still on course for an interesting Black Hat. Of course, our team will be there in the Business Hall to answer any questions you might have and to give away some cool swag (get a custom tee!). But we will also be attending briefings during the week, and I want to take a minute to highlight some of the ones we are the most excited for. |
|||
|
2020-08-03 15:20:48 | 4 Challenges Faced by Organizations Transitioning to Remote Work (lien direct) |
Many organizations have recently been forced to send their employees home to work, but few were fully prepared to move all their employees to remote work. During the past few months, many companies have been in contact with us with various questions and requests about remote security. |
|||
|
2020-07-28 13:59:00 | Remote Work Because of a Pandemic Could Give Your Company a Different Kind of Virus (lien direct) |
As millions of employees log in to work from home, there's an increased risk they could expose their organization's network to a cybersecurity threat. |
|||
|
2020-07-22 20:58:20 | Need a Boost? Stretch Your Skills with the Cybereason Summer CTF! (lien direct) |
Are you feeling cooped up after months of social distancing? Suffering from video conferencing meeting fatigue? Do you need to reawaken your curious analyst? Come capture flags and win prizes with Cybereason! Save your spot here. |
|||
|
2020-07-22 15:50:01 | What Is a VPN, and How Can It Help Enterprises with Remote Workers? (lien direct) |
With the recent surge in large numbers of employees working from home, the importance of using a VPN has become a topic within many companies. As a result, the questions of what a VPN is, and what VPNs do, have been getting a lot of attention lately. We'll try to outline the basics about VPNs here. |
|||
|
2020-07-20 09:00:00 | Ensuring Data Privacy: Update on EU Court of Justice Ruling (lien direct) |
Cybereason is the only EPP vendor that gives you full control of your data and protects your data wherever it is. |
|||
|
2020-07-16 04:15:00 | A Bazar of Tricks: Following Team9\'s Development Cycles (lien direct) |
Research by: Daniel Frank, Mary Zhao and Assaf Dahan |
|||
|
2020-07-15 20:02:15 | Certified Business Security! (lien direct) |
We are proud to announce the Cybereason Defense Platform has attained the AV Comparatives “Business Security” product certification! This independent 3rd party validation from an established and recognized security testing organization once again showcases how the Cybereason Prevention capabilities are able to help protect enterprises from both “Real World” and “Malware” based attacks. |
|||
|
2020-07-08 19:26:08 | Post-incident Review and the Big Data Problem (lien direct) |
Across the board, security teams of every industry, organization size, and maturity level share at least one goal: they need to manage risk. Managing risk is not the same as solving the problem of cybersecurity once and for all, because there is simply no way to solve the problem once and for all. Attackers are constantly adapting, developing new and advanced attacks, and discovering new vulnerabilities. Security teams that have accepted the post-breach mindset understand that cybersecurity is an ongoing chess match with no end. They focus on reducing risk as much as possible through visibility and automation, instead of searching for a one-size-fits-all solution. |
|||
|
2020-07-06 19:13:11 | What Modern Ransomware Looks Like (lien direct) |
Over the past year, we have seen many different types of ransomware attacks evolving, especially evolving into multistage ransomware that not only ransoms data, but also exfiltrates as much data as possible. Below is a brief overview of three of the most common modern ransomware attacks we are seeing today. |
Ransomware | ||
|
2020-07-01 04:15:00 | FakeSpy Masquerades as Postal Service Apps Around the World (lien direct) |
Research by: Ofir Almkias, Security Researcher, Mobile Analyst, Cybereason |
|||
|
2020-06-30 16:27:31 | Ransomware: Weapons of Mass Disruption (lien direct) |
May 12th 2020 marked the 3 year anniversary of the WannaCry ransomware attack. Estimated to have affected hundreds of thousands of endpoints across 150 countries all around the world, the total damages as a result of the WannaCry attack have reached up to 4 billion USD, according to some accounts. |
Ransomware | Wannacry | |
|
2020-06-24 16:18:05 | How to Design a Prevention Stack to Stop Ransomware (lien direct) |
Today, any random Google search for “ransomware attack” will result in a new story of an organization impacted by ransomware, and usually not for the first time. Ransomware attacks are an efficient and effective weapon for criminals who want to harm any business through crucial data loss, damaged productivity, and injured brand reputation. These attacks often have a big price tag attached to them, a combination of the business paying the ransom and the actual downtime the business suffers because of the attack. |
Ransomware | ||
|
2020-06-23 17:06:55 | Next-generation Antivirus 101: Layers of Prevention (lien direct) |
The foundation of the antivirus industry was built in the 1980s, with companies like McAfee and Avast releasing their first antivirus products. At that time, the terms “malware” and “computer virus” were just being born. Over the course of the next forty years, attackers would develop malware into the broad mix of crude and sophisticated software we see today. Now, there are over 1000M new malware samples classified every year. |
Malware | ||
|
2020-06-16 19:21:10 | 308% ROI by Using Cybereason, According to Forrester Total Economic Impact Study (lien direct) |
As a security professional, it goes without saying protecting your organization from cyber threats is job #1. This is especially true in today's connected digital world where attackers are continually looking for ways to exploit your employees and systems. You need a security solution that can keep pace with the changing methods leveraged by attackers, all while trying to maintain costs, as budgets for security solutions and people are not unlimited. |
|||
|
2020-06-12 19:21:21 | UbU: Championing Diversity, Equity, and Inclusion at Cybereason (lien direct) |
UbU (“you be you”) is the value that sits front and center at Cybereason. Acceptance of every person is at the heart of who we are as a company. As we celebrate PRIDE week (as we do every year), we also grieve the racism and violence taking place around us. |
|||
|
2020-06-11 04:15:00 | Cybereason\'s Newest Honeypot Shows How Multistage Ransomware Attacks Should Have Critical Infrastructure Providers on High Alert (lien direct) |
Introduction
Earlier this year, Cybereason launched its latest honeypot to analyze the tactics, techniques, and procedures used by state-sponsored groups and cyber crime actors to target critical infrastructure providers. This honeypot was a follow up to a previous successful honeypot launched two years ago in 2018 looking at the same industry. The honeypot was built to look like an electricity company with operations in North America and Europe.
In this new research, the Cybereason team identified multiple attackers executing ransomware operations involving data theft, the stealing of user credentials, and lateral movement across the victims network to compromise as many endpoints as possible. This includes critical assets like the domain controllers, which could take between several minutes to several hours to properly infiltrate.
Ransomware capabilities were deployed early on in the hacking operation, but it was not immediately detonated. The ransomware was designed to detonate only after preliminary stages of the attack finished across all compromised endpoints in order to achieve maximum impact on the victim.
This operational attack pattern attempts to impact as many victim assets as possible, representing a higher risk to organizations compared to ransomware attacks that impact the single machine they initially access. However, this operational pattern also represents an opportunity for defenders with a rapid detection and response process to detect the attack at its early stages and respond effectively before ransomware is able to impact the environment.
Given the results of this research, we conclude that multistage ransomware attacks on critical infrastructure providers are increasingly dangerous and more prevalent.
Check out a condensed, high level version of this report on our threat alerts page.
Background
We live in a world of insecurity where hackers have the advantage over the vast majority of enterprises trying to protect their computer networks. No where is that more evident than with critical infrastructure providers, who are facing a constant barrage of cyberattacks from motivated and oftentimes well-funded groups of cybercriminals and state-sponsored actors. |
Ransomware | ||
|
2020-06-10 14:27:41 | How I made my company\'s office into a fancy internet cafe and why should you too (lien direct) |
These are strange times. COVID-19 has changed the way we work, the way we communicate, and the way organizations operate. One of the concerns that is taking more and more focus now is around the move from working inside the perimeter to working outside the perimeter. We all know how to work in the perimeter, and we have learned in the past few months how to work outside the perimeter, but the back and forth between these two modes of operation can introduce risks on its own. Think about a computer in the perimeter, protected with perimeter security, that now goes out and is being used by someone working from home. During that time it's less protected since the perimeter isn't there. Then that computer is taken back into the perimeter and brings along with it threats it picked up outside - unwanted software, maybe an attacker with a persistent foothold on it. Now, it poses a risk to the entire organization from the inside. |
To see everything:
Our RSS (filtrered)
