Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2022-05-16 13:26:55 |
(Already seen) Webinar June 2nd 2022: Live Attack Simulation - Ransomware Threat Hunter Series (direct link) |
|
Ransomware
Threat
|
|
|
 |
2022-05-13 13:00:22 |
Behavioral Execution Prevention: Next-Generation Antivirus Evolved (direct link) |
Defenders around the world need innovative tools to stop sophisticated attacks. Cybereason is excited to announce Behavioral Execution Prevention (BEP), a new layer of NGAV defense designed to stop phishing attacks, zero-day attacks, and drive-by attacks. |
|
|
|
 |
2022-05-12 15:54:00 |
Russia Is Waging Cyberwar–with Little Success (direct link) |
The atrocities taking place in Ukraine are truly tragic. It is personal to me. I've had the opportunity to work alongside cyber experts in Ukraine–providing time and resources over the years to help with cyber deterrence, and I watched anxiously as tensions escalated earlier this year. Russia may have launched its physical invasion of its neighbor on February 24, but Russia and threat actors aligned with Russia have been targeting Ukraine with cyberattacks for years. |
Threat
|
|
★★★★
|
 |
2022-05-12 13:00:56 |
Employee Spotlight: Why People are Key to Cybereason Success (direct link) |
Tim Weis, who was recently promoted to Senior Talent Acquisition Partner, supports hiring for some of our US-based teams and helps each of them scale and grow. Read below to learn more about Tim and why he says this is an exciting time to join Cybereason. |
|
|
★★★
|
 |
2022-05-11 12:59:06 |
Harnessing the Power of AI-Driven XDR (direct link) |
Many security professionals believe they're going to start seeing an uptick in AI-assisted attacks at some point in the near future. According to AIMultiple, 90% of infosec personnel in the U.S. and Japan said they're anticipating an increase in these automated attack campaigns, due in no small part to the public availability of AI research, which attackers are exploiting for their malicious purposes. |
|
|
★★
|
 |
2022-05-10 12:25:56 |
New Cybereason Incident Response and Professional Services Bundles Include Unlimited Support (direct link) |
Cybereason has launched subscription-based bundles for Incident Response (IR) and Professional Services teams that deliver the speed and agility needed to identify, correlate, and quickly contain threats while reducing costs by as much as thirty percent. |
|
|
★★★★
|
 |
2022-05-09 13:21:56 |
Malicious Life Podcast: How to Russia-Proof Your Democracy (direct link) |
In 2007, Estonia–then already a technologically advanced country–suffered a large-scale DDoS attack which crippled many organizations and digital services. Joseph Carson, a Security Scientist and adviser to several governments discusses the lessons learned from that event and how Estonia became what he calls 'A Cloud Country' - check it out… |
|
|
★★
|
 |
2022-05-09 12:40:12 |
How Do Ransomware Attacks Impact Victim Organizations' Stock? (direct link) |
Ransomware has developed into an extremely lucrative business model with little risk involved for the threat actors. Couple this with the willingness of most victim organizations to pay the ransom demand under the assumption it will return business operations to normal–ultimately encouraging more attacks–and we have a big problem with no easy remedies. |
Ransomware
Threat
|
|
★★★
|
 |
2022-05-06 14:24:54 |
The Global Impact of Operation CuckooBees (direct link) |
Nation-states hack each other. This is the reality we live in and have for some time. The difference is some attacks are more dangerous than others, with a global impact. I'm proud of the research the Cybereason team has unveiled this week on Operation CuckooBees. This research is different. This campaign goes beyond nation-state espionage and has a ripple effect with consequences that impact the global economy. |
Hack
|
|
★★★★
|
 |
2022-05-05 13:53:04 |
How the MalOp Can Facilitate New Breach Reporting Rules (direct link) |
New rules went into effect May 1 that require U.S. financial institutions to report cyber security incidents to regulators within 36 hours. |
|
|
|
 |
2022-05-05 13:47:10 |
Webinar May 25th 2022: Organizations at Risk: Ransomware Attackers Don't Take Holidays (direct link) |
Join us for this webinar as we delve into research findings about the risk to organizations from ransomware attacks that occur on weekends and holidays and how you can better prepare to defend against and respond to attacks designed to hit when your organization is most vulnerable. |
Ransomware
|
|
|
 |
2022-05-04 04:02:00 |
Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation (direct link) |
Cybersecurity often focuses on malware campaigns or the latest zero-day exploit. Surveys and reports reveal the average cost of a data breach or how much it typically costs to recover from a ransomware attack. Those are the attacks that make noise and capture attention, though. The attacks that fly under the radar are often more insidious and much more costly. |
Ransomware
Data Breach
Malware
|
|
|
 |
2022-05-04 04:01:00 |
Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques (direct link) |
In 2021, the Cybereason Nocturnus Incident Response Team investigated multiple intrusions targeting technology and manufacturing companies located in Asia, Europe and North America. Based on the findings of our investigation, it appears that the goal behind these intrusions was to steal sensitive intellectual property for cyber espionage purposes. |
|
APT 41
|
|
 |
2022-05-04 04:00:00 |
Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive (direct link) |
In part one of this research, the Cybereason Nocturnus Incident Response Team provided a unique glimpse into the Winnti intrusion playbook, covering the techniques that were used by the group from initial compromise to stealing the data, as observed and analyzed by the Cybereason Incident Response team. |
Malware
|
APT 41
|
|
 |
2022-05-03 13:28:07 |
(Already seen) Webinar May 19th 2022: Live Attack Simulation - XDR vs. Modern Ransomware (direct link) |
Throughout history, sometimes truth ends up being even stranger than fiction. Today's parade of multi-million dollar ransomware payout headlines is no exception: cybercriminals and ransomware gangs are outgunning prevention tech and response strategies. Attackers are operationalizing exploits at a record rate, targeting more organizations and are operating to reduce dwell time. |
Ransomware
|
|
|
 |
2022-05-03 13:13:09 |
The U.K. Cyber Strategy: Developing Cybersecurity Skills, Knowledge and Culture (direct link) |
In the final installment of our five-part blog series on the U.K. Government Cybersecurity Strategy for 2022-2030, we spoke with Greg Day, Cybereason's Vice President and Global Field Chief Information Security Officer (CISO) for the EMEA region, to get his perspective on the strategy's final objective: Developing the right cybersecurity skills, knowledge, and culture. |
|
|
|
 |
2022-05-02 18:35:55 |
(Already seen) Webinar May 12th 2022: Live Attack Simulation - Ransomware Threat Hunter Series (direct link) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. |
Ransomware
Threat
|
|
|
 |
2022-05-02 13:53:18 |
Malicious Life Podcast: Operation Sundevil and the Birth of the EFF (direct link) |
In May 1990, officials from several law enforcement agencies gathered in Phoenix, Arizona, to announce a nationwide crackdown on illegal computer activity. This massive operation, carried out by hundreds of Secret Service and FBI agents, was focused on a new type of crime: Hacking.
Yet, as Isaac Newton said, for every action there is an equal and opposite reaction, and the reaction to Operation Sundevil was the birth of a new power in the cybersphere: the Electronic Frontier Foundation - check it out… |
|
|
|
 |
2022-04-28 19:29:31 |
Cybereason and Google Cloud: This is XDR Tour (direct link) |
This is XDR: A Revolution in Five Acts charts the evolution of cybersecurity over the past decade and how it's led to the solution Defenders have been waiting for: Cybereason XDR powered by Google Cloud. |
|
|
|
 |
2022-04-28 13:43:29 |
(Already seen) The U.K. Cyber Strategy and Minimizing the Impact of Cybersecurity Incidents (direct link) |
The following is the fourth installment of our blog series outlining how Cybereason XDR maps to each of the five objectives contained in the U.K. Government Cybersecurity Strategy for 2022-2030. |
|
|
★★
|
 |
2022-04-27 12:52:10 |
Distributed Machine Learning Models Done Right (direct link) |
One of the core Cybereason products is designed to run on the user's machine and block advanced MalOps (malicious operations) in real-time. This requires a heuristic model, embedded in a C++ application, that runs on millions of machines simultaneously. To complicate things even further, the app runs on machines we don't own and have limited access to. |
|
|
|
 |
2022-04-27 12:43:48 |
Why XDR Adoption Should Be a CISO Priority (direct link) |
At the start of 2022, the results of a survey were published where CISOs and other security leaders shared their top cybersecurity challenges. “Managing increased risk of ransomware/cyber-extortion” came out on top, with 29% of respondents saying this is their biggest concern. |
Guideline
|
|
|
 |
2022-04-26 12:45:55 |
The State of Ransomware in the Retail Sector (direct link) |
How many ransomware attacks did Retailers suffer in 2021? As reported by Infosecurity Magazine, the volume of ransomware attacks grew 105% between 2020 and 2021 to 623 million attack attempts. Much of this growth took place in the Public sector, with government agencies encountering a rise of 1885%. |
Ransomware
|
|
★★
|
 |
2022-04-25 13:10:28 |
Malicious Life Podcast: MITRE Attack Flow Project (direct link) |
The MITRE Attack Flow Project is essentially a new way to visualize, analyze and share knowledge about sequences of adversary behavior. Ingrid Skoog, Ass. Director of R&D at the Center for Threat-Informed Defense, and Cybereason CISO Israel Barak discuss the benefits of the MITRE Attack Flow project to Defenders and executives alike - check it out… |
|
|
|
 |
2022-04-25 11:47:39 |
(Already seen) THREAT ANALYSIS REPORT: SocGholish and Zloader – From Fake Updates and Installers to Owning Your Systems (direct link) |
The Cybereason Global Security Operations Center (GSOC) Team issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. |
Threat
|
|
|
 |
2022-04-22 13:00:01 |
Seven Ways Cybereason Enhances Your Cyber Insurance Investment (direct link) |
The volume, sophistication, and costs associated with today's cyberattacks, particularly ransomware, are forcing rapid changes in the risk assessment process that insurance carriers undertake to determine a policyholder's overall cyber risk and insurability. |
|
|
|
 |
2022-04-21 12:00:00 |
Leveraging Cybereason DFIR to Contain Attacks in Minutes (direct link) |
Today, many organizations find themselves vulnerable to breaches because security analysts lack the tools to quickly investigate and remediate all aspects of a threat. The modern security toolkit is varied by necessity, with different tools required to effectively perform different tasks. |
|
|
|
 |
2022-04-20 12:54:34 |
How Strategic Detections Set XDR Apart (direct link) |
Data breaches set a record high volume in 2021. According to CNET, 1,862 publicly reported data breaches took place over the course of the year. This volume surpassed the 1,108 data breaches in 2020 and broke the record of 1,506 security incidents set back in 2017. |
|
|
|
 |
2022-04-19 15:19:33 |
Malicious Life Podcast: The Aaron Swartz Story (direct link) |
When 24-year-old Aaron Swartz was caught scraping millions of science articles off of JSTOR, he faced up to 35 years in prison plus a fine of up to 1 million dollars. Did Aaron's crime justify such a harsh punishment? Check it out… |
|
|
|
 |
2022-04-19 12:53:51 |
Ransomware Attacks: Can Cyber Insurance Protect Your Organization? (direct link) |
Cyber insurance premiums have increased significantly over the last few years. Just in October 2021, for instance, TechTarget shared how cyber insurance premiums had increased 50%, with some quotes jumping as high as 100%. |
|
|
|
 |
2022-04-14 12:49:45 |
SOC Modernization: Measures and Metrics for Success (direct link) |
Ask many SOC managers or business leaders how they measure the success of their security operations capabilities, and they will tell you it's the MTTD and MTTR. |
Guideline
|
|
|
 |
2022-04-13 19:01:33 |
Everything Cybereason at the 2022 RSA Conference! (direct link) |
The Cybereason team is excited to have you join us at the 2022 RSA Conference June 6-9, 2022 at the Moscone Center in San Francisco! Don't miss the immersive Cybereason digital experience at booth S-735 in the South Expo Hall. We're showing off the unmatched power and capability of Cybereason XDR powered by Google Cloud with a one-of-a-kind activation. |
|
|
|
 |
2022-04-13 15:38:18 |
Webinar April 26th: Profile of the Dark Economy of Ransomware (direct link) |
Ransomware operators have steadily become more sophisticated and more aligned with nation-state actors making ransomware an existential threat for enterprises. |
Ransomware
Threat
|
|
|
 |
2022-04-13 12:37:29 |
Security Budgets Are Increasing - But So Are Attacks (direct link) |
Most organizations are planning to increase their cybersecurity budgets for 2022. In a 2021 survey covered by Dark Reading, 81% of organizations revealed that they're committed to growing their cybersecurity budgets over the coming year. |
|
|
|
 |
2022-04-12 12:05:04 |
White Paper: Inside Complex RansomOps and the Ransomware Economy (direct link) |
Ransomware operations have transformed dramatically over the last few years from a small cottage industry conducting largely nuisance attacks to a highly complex business model that is extremely efficient and specialized with an increasing level of innovation and technical sophistication. |
Ransomware
|
|
|
 |
2022-04-11 17:10:06 |
(Already seen) Detecting Cyber Events is Key to U.K. Cybersecurity Strategy (direct link) |
The following is the third installment of our five-part blog series outlining how Cybereason XDR maps to each of the five objectives contained in the U.K. Government Cybersecurity Strategy for 2022-2030. |
|
|
|
 |
2022-04-11 12:45:06 |
Malicious Life Podcast: The Russia-Ukraine Cyberwar (direct link) |
Before it invaded Ukraine, Russia was considered a cyber superpower–and rightfully so. But a month and a half into the war, the lights in Ukraine are still on, as well as cellular communications and other important infrastructure. Cybereason CEO Lior Div, CTO Yonatan Striem-Amit, and CSO Sam Curry examine what we know so far about the conflict and what we might see in the near future - check it out… |
|
|
|
 |
2022-04-07 20:14:00 |
Webinar April 27th: Solving the Incident Response Data Problem (direct link) |
When an organization is under attack, every second counts. Adversaries continue to evolve their attack tactics, techniques and procedures, which means that defenses and response actions must evolve as well. Cybereason and IBM bring together industry leading tools and expertise that have done just that. |
Guideline
|
|
|
 |
2022-04-06 18:00:17 |
Operation Bearded Barbie: APT-C-23 Campaign Targeting Israeli Officials (direct link) |
Over the last several years, the Cybereason Nocturnus Team has been tracking different APT groups operating in the Middle East region, including two main sub-groups of the Hamas cyberwarfare division: Molerats and APT-C-23. Both groups are Arabic-speaking and politically motivated, and operate on behalf of Hamas, the Palestinian Islamic-fundamentalist movement and a terrorist organization that has controlled the Gaza strip since 2006. |
|
APT-C-23
|
|
 |
2022-04-06 13:16:38 |
Evaluating XDR Solutions? Caveat Emptor - Buyer Beware (direct link) |
A recent study found that the majority of security professionals said that their organizations are planning to adopt Extended Detection and Response (XDR). The report indicated that 80% of infosec pros said XDR should be a top cybersecurity priority for their organization, and 68% said that their organization was planning on investing in an XDR solution deployment across their environments in 2022. |
|
|
|
 |
2022-04-05 15:46:55 |
Malicious Life Podcast: Chris Roberts - Hackers on a Plane (direct link) |
When Chris Roberts landed at Syracuse, NY, two FBI agents were waiting to escort him off the airplane. Apparently, this wasn't the first time that the Gray Hat hacker was suspected of hacking into an aircraft's control system - while in flight. Is risking the lives of hundreds of passengers a price worth paying for uncovering major vulnerabilities in an aircraft's network? Check it out… |
|
|
|
 |
2022-04-05 13:15:06 |
Ransomware vs. AI: The Battle Between Machines (direct link) |
According to recent reporting, the majority of respondents said their organizations were targeted by a ransomware attack in 2021. In an independent global study covered by Forbes, 80% of IT and security professionals indicated that ransomware attacks had hit their organizations during the year. |
Ransomware
|
|
|
 |
2022-04-04 17:56:10 |
Cybereason and IBM: A Better Way to do Enterprise IR (direct link) |
Attempts to develop robust enterprise incident response (IR) processes continue to be hampered by three main challenges: The increasing volume of cybersecurity incidents, a continued shortage of skilled cybersecurity talent, and a dizzying array of disconnected security tools. |
|
|
|
 |
2022-04-01 13:30:20 |
Undefeated in MITRE ATT&CK Evaluations - Undefeated Against Ransomware (direct link) |
MITRE ATT&CK Enterprise Evaluations have radically accelerated the effectiveness of today's cyber defenses the world over. These unbiased and transparent tests push vendors to develop and prove that their technology can stand up against today's most determined and sophisticated adversaries.
This year, Cybereason achieved the best results in the history of these evaluations:
Cybereason leads the industry in the MITRE ATT&CK Enterprise Evaluation 2022 |
Ransomware
Guideline
|
|
|
 |
2022-04-01 09:00:00 |
Lapsus$ Activity Betrays Nation-State Motivation (direct link) |
|
|
|
|
 |
2022-04-01 05:00:00 |
(Already seen) Webinar April 14th: Live Attack Simulation - Ransomware Threat Hunter Series (direct link) |
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response.
Join this session to learn more about how mature security teams can more effectively manage a modern ransomware operation and avoid a system-wide takeover by bad actors - delivered through a step-by-step walkthrough of an attack:
Why ransomware continues to evolve & common delivery methods
The differences and similarities between ransomware and other forms of malware
Common methods attackers use to escalate their operations
Reliable techniques Defenders can use to end active ransomware operators in their environments
|
Ransomware
Threat
|
|
|
 |
2022-03-31 20:07:58 |
Cybereason Excels in the 2022 MITRE ATT&CK® Evaluations: 100% Prevention, Visibility and Real-Time Protection (direct link) |
The MITRE Engenuity ATT&CK® Evaluations for Enterprise has quickly become the de facto authority for measuring the effectiveness of security solutions against real world scenarios that mimic advanced persistent threat attack progressions. |
Threat
|
|
|
 |
2022-03-31 12:41:28 |
How Cybereason Enables the U.K. to Defend Against Cyberattacks (direct link) |
The following is the second installment of our five-part blog series outlining how Cybereason XDR maps to each of the five objectives contained in the U.K. Government Cybersecurity Strategy for 2022-2030. |
|
|
|
 |
2022-03-31 12:37:04 |
(Already seen) CISO Stories Podcast: CISO Priorities for 2022 (direct link) |
For security leaders, it can be hard to catch a break when faced with the increasingly challenging task of defending their organizations from evolving threats while simultaneously fighting the battle of the budget in an effort to do more with less. |
Guideline
|
|
|
 |
2022-03-30 13:06:43 |
Four Ways XDR Optimizes Your Security Stack (direct link) |
Dwell time, or the time between when an attacker gains access to a network and when their activity is finally detected, is a significant indicator of both the potential impact of a cyberattack on the organization and the overall effectiveness of the organization's security program. |
|
|
|