What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Cybereason 2023-03-03 13:00:00 Variant Payload Prevention: Applying Data Science to Stop the Stealthiest Threats (direct link) Variant Payload Prevention: Applying Data Science to Stop the Stealthiest Threats ★★
Cybereason 2023-02-28 13:04:02 Cybereason Named a Leader in 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (direct link) Cybereason Named a Leader in 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms Guideline ★★
Cybereason 2023-02-23 21:33:59 New Studies Paint Bleak Picture of Future SOC Effectiveness (direct link) New Studies Paint Bleak Picture of Future SOC Effectiveness Studies ★★★
Cybereason 2023-02-14 19:20:18 Ransomware Shifting to the Cloud (direct link) Ransomware Shifting to the Cloud In the last few years, ransomware attacks have grown considerably. With 75% of organizations being attacked, it seems likely that we'll see a saturation point soon. And attackers have not been resting on their laurels. On the contrary, they have continued to evolve ransomware and are already in the fourth generation of this malicious software. Ransomware ★★
Cybereason 2023-02-07 18:17:40 THREAT ALERT: GootLoader - SEO Poisoning and Large Payloads Leading to Compromise (direct link) THREAT ALERT: GootLoader - SEO Poisoning and Large Payloads Leading to Compromise The Cybereason Incident Response (IR) team investigated an incident which involved new deployment methods of GootLoader through heavily-obfuscated JavaScript files. In addition to the new techniques used to load GootLoader, Cybereason also observed Cobalt Strike deployment, which leveraged DLL Hijacking, on top of a VLC MediaPlayer executable. Threat Guideline ★★★
Cybereason 2023-02-06 17:41:48 Cybereason advances prevention, data collection, investigation, and management capabilities (direct link) Cybereason advances prevention, data collection, investigation, and management capabilities General Information ★★★
Cybereason 2023-01-31 18:19:20 You Should Be Afraid of SIM Swaps (direct link) You Should Be Afraid of SIM Swaps If SIM swap stories ever make the news, almost uniformly, they focus on people who lost a lot of money. But SIM swaps also take a psychological toll. Getting cut off from the grid all of a sudden, not knowing why, not being able to call for help. Even when it's over, you never know if your attackers -- whoever they are -- will come back again. ★★★
Cybereason 2023-01-24 15:17:03 FBI vs. REvil [ML BSide] (direct link) FBI vs. REvil [ML BSide] ★★★★★
Cybereason 2023-01-20 17:11:49 Cyberbunker, Part 2 (direct link) Cyberbunker, Part 2 Spamhaus's decision to add Cyberbunker to its list of Spam sources led the Stophaus coalition to initiate a DDoS attack later dubbed “The attack that almost broke the Internet.” The fallout from this attack led to Cyberbunker relocating to a bunker in Germany - but it was the involvement of an Irish drug lord known as 'The Penguin' that led to the bullet-proof hosting company's downfall. Spam ★★
Cybereason 2023-01-19 14:00:00 7 Requirements for a Successful XDR Strategy (direct link) 7 Requirements for a Successful XDR Strategy ★★
Cybereason 2023-01-19 13:00:00 Sliver C2 Leveraged by Many Threat Actors (direct link) Sliver C2 Leveraged by Many Threat Actors What you need to know about this attack framework before it replaces Cobalt Strike Threat ★★★★★
Cybereason 2023-01-17 15:21:04 RSA Conference 2023 Promises New Concepts, Diversity of Ideas (direct link) RSA Conference 2023 Promises New Concepts, Diversity of Ideas The new year is always a time to reflect on what's coming next. As part of the RSA Conference program committee (having worked on the Hackers & Threats track for a number of years), I'm very privileged to see everyone's perspectives. This year I'm happy to report there was a significant growth in the number of submissions suggesting that the collective is starting to look beyond Covid, which definitely hampered the volume and creativity of solutions in recent years. ★★
Cybereason 2023-01-11 19:45:06 Cyberbunker, Part 1 (direct link) Cyberbunker, Part 1 Sven Kamphuis and Herman Johan Xennt are quite dissimilar: one is young, the other is old, one is a Freedom Fighter, the other a businessman. In 1996, their unlikely partnership coalesced around a mutual deep hatred towards authority - and around a very unusual building: a Cold-War era nuclear bunker. ★★
Cybereason 2023-01-10 12:00:00 THREAT ANALYSIS: From IcedID to Domain Compromise (direct link) THREAT ANALYSIS: From IcedID to Domain Compromise BACKGROUND In this Threat Analysis report, the Cybereason team investigates a recent IcedID infection that illustrates the tactics, techniques, and procedures (TTPs) used in a recent campaign. IcedID, also known as BokBot, is traditionally known as a banking trojan used to steal financial information from its victims. It has been around since at least 2017 and has been tied to the threat group TA551 Threat ★★★★
Cybereason 2023-01-09 18:47:58 MITRE ATT&CK and the Art of Building Better Defenses (direct link) MITRE ATT&CK and the Art of Building Better Defenses MITRE's Adversarial Tactics, Techniques, and Common Knowledge (MITRE ATT&CK) is a critical tool for security practitioners seeking to understand how attackers move, operate, and conduct their attacks. Designed to look at attacks from the attacker's perspective, it catalogs the attack lifecycle of different adversaries and the platforms they choose to target, all based on real-world observations. Tool ★★
Cybereason 2023-01-03 17:01:06 How Netflix Learned Cloud Security [ML B-Side] (direct link) How Netflix Learned Cloud Security [ML B-Side] 2011 was a pivotal year for Netflix: the now hugely successful company was then in the midst of a formidable transformation, changing from a mail-based DVD rental service to the modern streaming service that it is today. It was at this crucial point in the company's history that Jason Chan, our guest in this episode, was hired by Netflix to lay the foundations for its cloud security protocols. Nate Nelson, our Sr. Producer, spoke with Jason about the decade he spent at the company, what he learned during his tenure there, and the ideas that took shape at that time, such as Chaos Engineering. ★★
Cybereason 2022-12-19 21:40:03 Malicious Life Podcast: Fred Cohen, The Godfather of Computer Viruses [ML B-Side] (direct link) Malicious Life Podcast: Fred Cohen, The Godfather of Computer Viruses [ML B-Side] In his 1984 seminal paper - Computer Viruses: Theory and Experiments - Dr. Fred Cohen not only introduced the name 'computer virus', a term invented by his mentor, Leonard Adleman, but was also the first to analyze computer viruses in a rigorous mathematical way, proving that computer viruses were not only practical - but that they were in fact inevitable. Nate Nelson, our Sr. producer, spoke with Dr. Cohen about his early research into computer viruses, his work with the US army, the panicky response from the US government - and the parallels between computer viruses and mental viruses - i.e. memes. ★★
Cybereason 2022-12-14 13:40:44 (Déjà vu) Royal Rumble: Analysis of Royal Ransomware (direct link) Royal Rumble: Analysis of Royal Ransomware The Royal ransomware group emerged in early 2022 and has gained momentum since the middle of the year. Its ransomware, which the group deploys through different TTPs, has impacted multiple organizations across the globe. The group itself is suspected of consisting of former members of other ransomware groups, based on similarities researchers have observed between Royal ransomware and other ransomware operators. Ransomware ★★★
Cybereason 2022-12-13 19:44:39 Case Study: How Cybereason MDR Improved Olist's Triage & Response Time (direct link) Case Study: How Cybereason MDR Improved Olist's Triage & Response Time Olist, a Brazilian e-commerce marketplace integrator, is one of the fastest-growing eCommerce platforms in the world. Last year, for example, it closed four acquisitions and tripled in size. Today, it is rapidly expanding beyond Brazil. ★★
Cybereason 2022-12-13 17:30:00 Malicious Life Podcast: Thamar Reservoir (direct link) Malicious Life Podcast: Thamar Reservoir Thamar Gindin is an Israeli scholar whose research focuses on the Persian language. For the past seven years (at least) Thamar has been a target for an endless stream of spear-phishing attempts by the Iranian regime, trying to take over her email account and lure her away from her country's borders. Her family, friends, and colleagues have also suffered numerous attacks. So, how does it feel to live for years with a virtual target mark on your back?… ★★
Cybereason 2022-12-12 11:00:00 Ransomware: Which Industries Are Most Likely to Pay (direct link) Ransomware: Which Industries Are Most Likely to Pay A recent study by Cybereason, Ransomware: The True Cost to Business 2022, revealed that 73% of respondents had experienced a ransomware attack in the last 24 months. Of those respondents, 28% said their organizations paid the ransom. A separate survey of cybersecurity leaders conducted by WSJ Pro Research found that 42.5% of respondents said they would consider paying a ransom. Ransomware Guideline ★★★★
Cybereason 2022-12-07 12:00:00 What Healthcare CISOs Can Do Differently to Fight Ransomware (direct link) What Healthcare CISOs Can Do Differently to Fight Ransomware Ransomware attacks cost the healthcare industry over $20 billion in 2020 and show no sign of slowing down. “The current outlook is terrible,” says Israel Barak, CISO of Cybereason. “We are seeing the industry experience an extremely sharp increase in both the quantity and level of sophistication of these attacks.” Ransomware ★★★
Cybereason 2022-12-06 19:48:35 The Problem With Kernel-Mode Anti-Cheat Software [ML B-Side] (direct link) The Problem With Kernel-Mode Anti-Cheat Software [ML B-Side] Nobody likes cheaters, especially in video games: we play games to have fun, and nothing hurts the joy of playing a good game more than losing to a cheater. That is why EA is not the only publisher to implement kernel-mode anti-cheat software in their games: League of Legends and Valorant, for example, use similar software. Yet some people warn that installing such kernel-level systems is extremely dangerous. So, what's the problem with kernel-mode anti-cheat software? ★★★
Cybereason 2022-12-05 06:00:00 Threat Analysis: MSI - Masquerading as a Software Installer (direct link) Threat Analysis: MSI - Masquerading as a Software Installer Threat Threat ★★★
Cybereason 2022-12-02 13:00:00 FBI, CISA Issue Warning on Cuba Ransomware (direct link) FBI, CISA Issue Warning on Cuba Ransomware Ransomware ★★★
Cybereason 2022-12-01 11:00:00 Nine Cybersecurity Predictions for 2023 (direct link) Nine Cybersecurity Predictions for 2023 In 2022, ransomware continued to reign king and became one of the most common and dangerous threats facing healthcare organizations and software supply chains. The war on Ukraine created heightened concern over zero-day threats wreaking havoc for organizations worldwide. The cyber gang Conti with Russian-linked ties managed to disrupt financial operations throughout Costa Rica, and it seems there is no end in sight to the hacking group Lapsus$, which has proven itself to be a formidable threat actor. Ransomware Threat ★★★
Cybereason 2022-11-29 16:09:58 Malicious Life Podcast: How to NOT Build a Cybersecurity Startup (direct link) malicious life podcast norse corp cybersecurity startup When it was founded in 2011, Norse Corp. - which described itself as "the world's largest dedicated threat intelligence network" - had everything a promising startup could wish for: a charismatic and experienced founder, a rare and valuable technology, and a few tens of millions of dollars from investors. Less than six years later, it all came crashing down in the most horrible death a business can experience. What went wrong in Norse Corp.? Threat ★★★
Cybereason 2022-11-28 14:37:31 Malicious Life Podcast: Jailbreaking Tractors (direct link) Malicious Life podcast Jailbreaking tractors John Deere, an American agricultural machinery manufacturer, has recently enraged many farmers and digital rights activists due to the restrictive fixing policy of its tractors. Now, an Australian white hat hacker named Sick Codes has demonstrated not only how he was able to jailbreak the company's tractors and run Doom on them (because why not) - but also hack into its global operations center, demonstrating how hackers can easily take over a huge number of farming machines all over the world. Hack ★★★
Cybereason 2022-11-25 13:00:00 The Russian Business Network (direct link) The Russian Business Network In 2006 the Russian Business Network pivoted its business: the once legitimate ISP became a 'bullet-proof' hosting service, catering to the needs of cybercriminals. It quickly became the largest player in the Russian cybercrime landscape, with ~60% of all cybercrime activity related to Russia connected to it in some way. Following the Russian government's years-old tradition of collaborating with organized crime, it's no wonder that the Russian Business Network quickly became Putin's informal cyber attack arm. ★★★
Cybereason 2022-11-24 13:00:00 What Can Chess Grandmasters Teach Us About Cyber (direct link) What Can Chess Grandmasters Teach Us About Cyber ★★★★
Cybereason 2022-11-23 05:01:00 THREAT ALERT: Aggressive Qakbot Campaign and the Black Basta Ransomware Group Targeting U.S. Companies (direct link) THREAT ALERT: Aggressive Qakbot Campaign and the Black Basta Ransomware Group Targeting U.S. Companies The Cybereason Global SOC (GSOC) team is investigating Qakbot infections observed in customer environments related to a potentially widespread ransomware campaign run by Black Basta. The campaign is primarily targeting U.S.-based companies. Ransomware ★★★
Cybereason 2022-11-22 11:00:00 Malicious Life Podcast: What Would Happen If CBS Got Hacked? (direct link) Malicious Life Podcast: What Would Happen If CBS Got Hacked? Media companies probably get hacked no more than other, non-media oriented organizations such as hospitals, banks, etc. But these hacks are often more visible and more memorable because… well, media companies are more public facing by their very nature. How can these organizations be hacked, and why should we care about such attacks? Nate Nelson spoke with Joel Molinoff, former chief information risk officer for CBS Corporation, and Dan Vasile, former vice president of information security at Paramount. ★★★
Cybereason 2022-11-18 17:00:00 Malicious Life Podcast: LabMD vs. The FTC (direct link) Malicious Life Podcast LabMD vs FTC One day in 2008, Michael Daugherty - CEO and owner of LabMD, a cancer detection lab - got a call from an executive of Tiversa, a cybersecurity company. The caller said that a file containing private medical data of some 9000 of LabMD's patients had been discovered online. When Michael refused to pay for Tiversa's hefty "consultation fee", it reported the incident to the FTC. This was the beginning of a ten-year-long legal battle that ultimately destroyed LabMD - but cost the Federal Agency dearly.
Cybereason 2022-11-16 11:00:00 Holiday, Weekend Ransomware Attacks Continue to Hit Companies Hard (direct link) impact of holiday weekend ransomware attacks As the holidays approach, security leaders wanting to give their teams some much deserved extra time off may get caught in a bind. After all, ransomware actors love to wreak havoc when organizations' human defenses are trying to sleep in heavenly peace. Ransomware Guideline
Cybereason 2022-11-14 15:50:49 NGAV Redefined: 9 Layers of Unparalleled Attack Protection (direct link) NGAV Redefined: 9 Layers of Unparalleled Attack Protection Introduction ★★★
Cybereason 2022-11-11 13:00:00 A Message to All Defenders This Veterans Day (direct link) Veterans Day Message to All Cybersecurity and National Security Defenders I'm Dan Verton, Director of Content Marketing at Cybereason and a proud veteran of the United States Marine Corps. On behalf of my U.S.-based colleagues at Cybereason, I want to extend our sincere gratitude and appreciation to all who have answered our nation's call to service.
Cybereason 2022-11-01 20:06:53 Machine Timeline Enhancements Improve Investigation Workflows (direct link) Machine Timeline Enhancements Improve Investigation Workflows In July, Cybereason announced the release of the Process Timeline feature, now known as Machine Timeline, since it shows a unified timeline of events on a machine of interest around the time of a key or “lead event.” Today, Cybereason is excited to announce a series of enhancements in the Machine Timeline feature to improve investigation workflows further. Guideline
Cybereason 2022-10-26 21:02:07 Cybereason Announces Organizational Updates (direct link) Cybereason Announces Organizational Updates
Cybereason 2022-10-21 12:00:00 THREAT ANALYSIS REPORT: DLL Side-Loading Widely (Ab)Used (direct link) THREAT ANALYSIS REPORT: DLL Side-Loading Widely (Ab)Used This Threat Analysis Report is part of the Purple Team Series. In this series, the Managed Detection and Response (MDR) and Threat Intelligence teams from the Cybereason Global Security Operations Center (GSOC) explore widely used attack techniques, outline how threat actors leverage these techniques, describe how to reproduce an attack, and report how defenders can detect and prevent these attacks. Threat
Cybereason 2022-10-19 12:00:00 Operationalizing MITRE ATT&CK: A New Wave is Here (direct link) Operationalizing MITRE ATT&CK: A New Wave is Here If you want to build and maintain a heatmap of your organization's detection coverage, it requires a mixture of art, science, and actionable transparency from your security vendors. Today, the MITRE ATT&CK Framework has become the de-facto language for how we communicate, analyze, and attribute adversary activity.
Cybereason 2022-10-18 18:47:44 Malicious Life Podcast: Hacking Stock Markets Part 2 (direct link) Malicious Life Podcast: Hacking Stock Markets Part 2
Cybereason 2022-10-18 15:53:02 Telcos: The Supply Chain Attack You're Not Ready For (direct link) Telcos: The Supply Chain Attack You're Not Ready For
Cybereason 2022-10-12 14:30:05 Indicators of Behavior and the Diminishing Value of IOCs (direct link) Indicators of Behavior and the Diminishing Value of IOCs
Cybereason 2022-10-11 13:51:43 Why NGAV Displaced Traditional Antivirus Tools (direct link) Why NGAV Displaced Traditional Antivirus Tools Next-generation antivirus (NGAV) solutions are quickly replacing outmoded signature-based antivirus tools, and ransomware has a lot to do with it. Traditional AV tools fall short considering what we're up against when we look at the true cost of ransomware attacks for business, and why this change was inevitable. Ransomware
Cybereason 2022-10-11 13:13:14 Malicious Life Podcast: Vishing Voice Scams (direct link) Malicious Life Podcast: Vishing Voice Scams
Cybereason 2022-10-06 14:21:59 Cybersecurity Accountability Regulation? Your Opinion Matters… (direct link) Cybersecurity Accountability Regulation? Your Opinion Matters… Harvard Business Review (HBR) recently published an article that tackles the same topic as the latest Cyber Defenders Council report: cybersecurity regulation. The HBR article explores the complexities of incident reporting regulation, while the Cyber Defenders Council report delves into the pros and cons of cybersecurity accountability regulation.
Cybereason 2022-10-06 14:11:03 Ten Ways to Make Your Security Operations More Efficient (direct link) Ten Ways to Make Your Security Operations More Efficient
Cybereason 2022-10-05 14:27:36 Container Escape: All You Need is Cap (Capabilities) (direct link) Container Escape: All You Need is Cap (Capabilities)
Cybereason 2022-10-05 14:18:33 Leveraging Indicators of Behavior for Early Detection (direct link) Leveraging Indicators of Behavior for Early Detection
Cybereason 2022-10-04 14:57:39 Blue Teaming on macOS with eslogger (direct link) Blue Teaming on macOS with eslogger
Last update at: 2024-05-13 05:07:45