www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-10T12:20:31+00:00 www.secnews.physaphae.fr

CybeReason - Vendor blog
Ukraine Government and Embassy Websites Attacked
Tensions are high right now in Eastern Europe. Russia has massed troops on the border of Ukraine and continues to stoke fears that they will invade and forcibly annex the former Soviet state. There has not been any overt military action as of yet, but there was a bit of a “warning shot” today as more than a dozen Ukrainian government websites - as well as websites for the US, UK, and Swedish embassies - were targeted by a cyberattack.
2022-01-14T17:58:35+00:00 https://www.cybereason.com/blog/ukraine-government-and-embassy-websites-attacked www.secnews.physaphae.fr/article.php?IdArticle=3966374 False None None None

CybeReason - Vendor blog
The MalOp Severity Score: Because Every Second Counts
Managed Detection and Response (MDR) isn't a new concept. Organizations of all shapes and sizes work with security vendors to help manage their network security and address common use cases such as; talent shortages, operations teams that are stretched thin, alert fatigue, and 24x7 threat hunting and remediation.
2022-01-14T17:03:05+00:00 https://www.cybereason.com/blog/the-malop-severity-score-because-every-second-counts www.secnews.physaphae.fr/article.php?IdArticle=3965495 False Threat None None

CybeReason - Vendor blog
CISO Stories Podcast: Privacy Hunger Games - Change the Rules
Information is meant to be shared with others - others with a need to know, that is. But CISOs may find that their organization is sharing with entities without proper procedures in place.
CCO/CPO Samantha Thomas joins the podcast to discuss how she tackled this dilemma and subsequently changed the law in the process - check it out...
2022-01-13T14:15:48+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-privacy-hunger-games-change-the-rules www.secnews.physaphae.fr/article.php?IdArticle=3957620 False None None None

CybeReason - Vendor blog
On Becoming a Defender at Cybereason
A market leader in cybersecurity, Cybereason surged out of the gate 10 years ago and has been growing exponentially since. With new technologies constantly emerging and new markets opening globally, Cybereason offers an expanding variety of careers. It's the ideal culture for passionate, evolving people such as Sarah Cohen, Cybereason Senior Sales Manager for the North American market. Below, Sarah talks about what it's like to work in one of the world's most innovative, flexible environments - the champion for today's cyber Defenders.
2022-01-13T14:11:43+00:00 https://www.cybereason.com/blog/on-becoming-a-defender-at-cybereason www.secnews.physaphae.fr/article.php?IdArticle=3957621 False Guideline None None

CybeReason - Vendor blog
Employee Spotlight: On Defending Clients and Promoting Growth
When Sibel Narin-Farooq decided to look for a more challenging position two and a half years ago, she quickly received two offers from a well-known firm in finance.
Instead, she pursued an opportunity that struck her as a riskier option - an Executive Assistant role at Cybereason, a company she'd never heard of in a field where she had no experience.
2022-01-13T10:00:00+00:00 https://www.cybereason.com/blog/on-defending-clients-and-promoting-growth www.secnews.physaphae.fr/article.php?IdArticle=3965497 False None None None

CybeReason - Vendor blog
Achieve 10X Faster Response Time with Cybereason XDR
Despite spending millions of dollars on cybersecurity tools over the past few years, most organizations still can't detect or respond to cyber attacks in a reasonable timeframe. According to Verizon's 2021 Data Breach Investigations Report (DBIR), 60% of incidents were discovered within days. However, in 20% of attacks, it took months or longer before organizations realized a breach had occurred.
2022-01-12T14:06:05+00:00 http://www.cybereason.com/blog/cybereason-xdr-10x-faster-response www.secnews.physaphae.fr/article.php?IdArticle=3952462 False Data Breach None None

CybeReason - Vendor blog
EDR, MDR and XDR – What Are the Differences?
As attacks get more complex, organizations are increasingly prioritizing threat detection and response capabilities. In a January 2020 survey, the SANS Institute learned that half of IT and security leaders planned on increasing their investment in network detection and response tools to help their organizations better defend against emerging threats.
2022-01-12T14:00:22+00:00 http://www.cybereason.com/blog/edr-mdr-and-xdr-what-are-the-differences www.secnews.physaphae.fr/article.php?IdArticle=3952463 False Threat,Guideline None None

CybeReason - Vendor blog
Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike
At the beginning of 2021, security researcher Orange Tsai reported a series of vulnerabilities targeting Microsoft Exchange servers dubbed ProxyLogon. The Cybereason Incident Response team encountered many compromises during the year that involved these vulnerabilities. Additional vulnerabilities were disclosed during the year by Orange and others, including ProxyOracle and the last one in August dubbed ProxyShell.
2022-01-11T13:40:10+00:00 http://www.cybereason.com/blog/threat-analysis-report-datoploader-exploits-proxyshell-to-deliver-qbot-and-cobalt-strike www.secnews.physaphae.fr/article.php?IdArticle=3947500 False None None None

CybeReason - Vendor blog
The State of Ransomware in the Public Sector
Government agencies have seen plenty of ransomware attacks over the course of this past year. According to ZDNet, malicious actors used ransomware to target government entities more than any other sector in H1 2021.
2022-01-11T10:00:00+00:00 http://www.cybereason.com/blog/the-state-of-ransomware-in-the-public-sector www.secnews.physaphae.fr/article.php?IdArticle=3952465 False Ransomware None None

CybeReason - Vendor blog
FBI Warns US Companies to Avoid Malicious USB Devices
Cybercriminals constantly evolve the tactics, techniques, and procedures they use to execute attacks to find innovative ways to bypass or circumvent security controls. Sometimes the best strategy is the simplest one, though, and may succeed in catching targets off guard.
A new warning from the FBI cautions US companies to be on alert for an old tactic that is apparently being used again - tricking users into connecting a malicious USB device.
2022-01-10T21:25:03+00:00 http://www.cybereason.com/blog/fbi-warns-us-companies-to-avoid-malicious-usb-devices www.secnews.physaphae.fr/article.php?IdArticle=3944686 False None None None

CybeReason - Vendor blog
Malicious Life Podcast: How the Internet Changed the NSA
From the late '80s to early 2000s, the NSA transitioned from being a hardware-first organization - that is, creating and operating physical spying devices - to software-first: excelling in hacking networks, tracking people online, etc. That transition was by no means easy: the NSA, by that point, was a huge organization - and big organizations are notorious for being very resistant to change. Jeff Man, our guest today, was one of the first people at the NSA to make the transition from hardware to software, and he shares with us his experiences from that period - check it out…
2022-01-10T14:04:41+00:00 http://www.cybereason.com/blog/malicious-life-podcast-how-the-internet-changed-the-nsa www.secnews.physaphae.fr/article.php?IdArticle=3943326 False None None None

CybeReason - Vendor blog
Building Enterprise Immunity with XDR
Nils Lonberg, a Ph.D. from Harvard, was a revolutionary scientist who made groundbreaking contributions to cancer research. In the book The Elegant Defense, author Matt Richtel outlines how “for centuries, the fight against cancer had been built on the idea of attacking the cancer,” but Lonberg leveraged the fact that cancer gets out of control because the immune system receives “a signal to stop from the cancer,” and thinks the signal is legitimate. He focused on targeting how the cancer interacted with the immune system, and his work was published in the 2007 New England Journal of Medicine.
2022-01-10T13:59:36+00:00 http://www.cybereason.com/blog/building-enterprise-immunity-with-xdr www.secnews.physaphae.fr/article.php?IdArticle=3943327 False None None None

CybeReason - Vendor blog
Cybereason XDR: 10X Productivity Boost From Unified Investigations
When is an endpoint attack just an endpoint attack? In today's world of advanced persistent threats and ransomware, an attack that stops at the endpoint is now a rare event.
2022-01-07T14:10:22+00:00 http://www.cybereason.com/blog/cybereason-xdr-10x-productivity-boost-from-unified-investigations www.secnews.physaphae.fr/article.php?IdArticle=3936922 False None None None

CybeReason - Vendor blog
CISO Stories Podcast: Server Room to War Room - Enterprise Incident Response
In many organizations, the CISO will be looked at as the leading expert in incident response, but often has little involvement in the selection, planning, and training for the Enterprise Incident Management Program. Dawn-Marie Hutchinson, CISO at Optiv, has navigated organizations during crises with a “play like you practice” approach - check it out...
2022-01-06T15:21:04+00:00 http://www.cybereason.com/blog/ciso-stories-podcast-server-room-to-war-room-enterprise-incident-response www.secnews.physaphae.fr/article.php?IdArticle=3932300 False Guideline None None

CybeReason - Vendor blog
Automating the “R” in Your XDR Strategy
The advent of Extended Detection and Response (XDR) offers an edge against advanced attacks, but many of the so-called "XDR approaches" available today are actually little more than extensions of current EDR solutions that rely on known Indicators of Compromise (IOCs) to find and block known threats.
While they can deliver more visibility across network assets, they don't deliver the correlation necessary to weed out novel attacks where known IOCs are not available. In contrast, Advanced XDR leverages artificial intelligence (AI) and machine learning (ML) to automatically correlate telemetry from across disparate network assets to reveal attacks that have never been seen before. Advanced XDR detects earlier based on the more subtle chains of potentially malicious behavior to allow Defenders to remediate faster, and here's why.
2022-01-05T14:47:28+00:00 http://www.cybereason.com/blog/automating-the-r-in-your-xdr-strategy www.secnews.physaphae.fr/article.php?IdArticle=3927747 False None None None

CybeReason - Vendor blog
Cybereason Nabs Three 'Built In Boston's Best Places to Work 2022' Awards
We are excited to share that Built In, the online community for startups and tech companies, has named Cybereason to three of Boston's 2022 Best Places to Work lists: Boston Best Places to Work, Boston Best Paying Companies, and Boston Best Large Companies to Work For.
2022-01-05T14:43:25+00:00 http://www.cybereason.com/blog/cybereason-nabs-three-built-in-bostons-best-places-to-work-2022-awards www.secnews.physaphae.fr/article.php?IdArticle=3927748 False None None None

CybeReason - Vendor blog
Malicious Life Podcast: Does Code === Free Speech?
When the FBI asked Apple to write code that would give the FBI access to a suspect's iPhone following the 2015 mass shooting in San Bernardino, Apple refused, arguing that forcing it to write code goes against the First Amendment.
Apple's claim wasn't the first time that this highly controversial claim was invoked in judicial proceedings - check it out…
2022-01-04T14:08:28+00:00 http://www.cybereason.com/blog/malicious-life-podcast-does-code-free-speech www.secnews.physaphae.fr/article.php?IdArticle=3923104 False None None None

CybeReason - Vendor blog
A 'NEW' Cybersecurity Philosophy for the New Year
It's the end of another year. It feels a bit “Groundhog Day” - like a repeat of the end of 2020 - as we head into a new year with the world battling the COVID pandemic and IT teams around the world responding to a massive cybersecurity event. If we focus on the right things, though, we can break the cycle in 2022.
2021-12-31T14:34:08+00:00 http://www.cybereason.com/blog/a-new-cybersecurity-philosophy-for-the-new-year www.secnews.physaphae.fr/article.php?IdArticle=3911935 False None None None

CybeReason - Vendor blog
CISO Stories Podcast: Key Issues to Cover for Today's CISOs
As if CISOs don't have enough to focus on, here's a few more items that should be top of mind.
KAR Global CISO Leon Ravenna dives into cyber insurance and why D&O requirements may be on the horizon, regulatory burdens and what to expect out of the US Government, how the intersection of Security and Privacy is impacting CISOs, and a little security buzzword bingo and how to deal with the latest “fads” like CASB, ZTNA, SASE and more - check it out...
2021-12-29T12:00:00+00:00 http://www.cybereason.com/blog/ciso-stories-podcast-key-issues-to-cover-for-todays-cisos www.secnews.physaphae.fr/article.php?IdArticle=3903845 False None None None

CybeReason - Vendor blog
Malicious Life Podcast: Logout4Shell - A Digital Vaccine for Log4Shell
A digital 'vaccine' was released to address Log4Shell, which has been called “the single biggest, most critical vulnerability ever.” Nate Nelson talks to Yonatan Striem-Amit, CTO & Co-Founder of Cybereason about the Log4j vulnerability and about the unusual vaccine dubbed Logout4Shell that uses the Log4j exploit to close the vulnerability - check it out…
2021-12-27T12:00:00+00:00 http://www.cybereason.com/blog/malicious-life-podcast-logout4shell-a-digital-vaccine-for-log4shell www.secnews.physaphae.fr/article.php?IdArticle=3889897 False Vulnerability None None

CybeReason - Vendor blog
Cybereason Named 'Highest-Rated Cloud Computing Company to Work For' by Battery Ventures
Cybereason has been named to Battery Ventures' 5th Annual list of Highest-Rated Cloud-Computing Companies To Work For, a ranking of the top 25 privately held cloud companies.
2021-12-23T14:14:11+00:00 https://www.cybereason.com/blog/cybereason-named-highest-rated-cloud-computing-company-to-work-for-by-battery-ventures www.secnews.physaphae.fr/article.php?IdArticle=3860786 False None None None

CybeReason - Vendor blog
Cybereason Partners with M.Tech to Strengthen Organizations' Cybersecurity
Cybereason has partnered with M.Tech, one of the largest cybersecurity and network performance solutions distributors in Asia, to provide organizations the ability to predict, detect and respond to cyberattacks at planetary scale and maximum speed across endpoints, networks, identities, the cloud and application workspaces.
2021-12-23T10:00:00+00:00 http://www.cybereason.com/blog/cybereason-partners-with-m.tech-to-strengthen-organizations-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=3889899 False None None None

CybeReason - Vendor blog
CISO Stories Podcast: Model-Driven Security Leveraging Data Science
Cybersecurity talent shortages are well documented, and asking experienced cybersecurity professionals to spend countless hours on routine tasks does not promote retention. The adversaries are leveraging data science to attack our enterprises and consumers, so we need to find a better way to defend.
2021-12-22T13:17:54+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-model-driven-security-leveraging-data-science www.secnews.physaphae.fr/article.php?IdArticle=3848548 False None None None

CybeReason - Vendor blog
History's Most Notorious Ransomware Gangs
In a recent study, titled Ransomware: The True Cost to Business, we found that the costs of ransomware have increased for organizations.
We learned that two-thirds of organizations experienced significant revenue loss following a ransomware attack, for instance.
2021-12-21T13:12:29+00:00 https://www.cybereason.com/blog/historys-most-notorious-ransomware-gangs-1 www.secnews.physaphae.fr/article.php?IdArticle=3839339 False Ransomware None None

CybeReason - Vendor blog
Malicious Life Podcast: Shawn Carpenter - A Cyber Vigilante
In 2003, Shawn Carpenter - an employee of Sandia National Laboratory - was at a crossroads: should he ignore a Chinese attack against U.S. targets, as his superiors ordered him to do, or do what he thinks is right and continue investigating the case on his own? Check it out…
2021-12-20T12:51:12+00:00 https://www.cybereason.com/blog/malicious-life-podcast-shawn-carpenter-a-cyber-vigilante www.secnews.physaphae.fr/article.php?IdArticle=3831350 False None None None

CybeReason - Vendor blog
The First True XDR Solution
It has been a uniquely amazing week for me and for Cybereason. We started the week by sharing LogOut4Shell - a free vaccine we developed to prevent the Log4Shell vulnerability from being exploited. Then we hosted DefenderCon '21 and launched Cybereason XDR powered by Google Chronicle.
2021-12-17T23:09:51+00:00 https://www.cybereason.com/blog/the-first-true-xdr-solution www.secnews.physaphae.fr/article.php?IdArticle=3817978 False Vulnerability None None

CybeReason - Vendor blog
UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)
UPDATE 12/17/21: The Logout4Shell Vaccine has been updated to add a persistent option in addition to the existing one which reverted upon server restart.
The previous version of the Vaccine used the Log4Shell vulnerability to remove the JNDI interpolator entirely from all logger contexts to prevent the vulnerability from being exploited in the running JVM (server process). This update not only fixes the vulnerability, but also edits the jar file on disk to remove the JndiLookup class to permanently mitigate the Log4Shell vulnerability on a running server. It also performs additional changes on the plugin registry. Due to the nature of the permanent solution, there is nominal risk involved, so the Vaccine offers the option to execute the completely safe but temporary solution, or the slightly more risky but permanent solution. The documentation has been updated to reflect that we now support both options. The Log4shell vulnerability still requires patching. This updated Logout4Shell mitigation option can provide security teams the time required to roll out patches while reducing the risk from exploits targeting the Log4j vulnerability. The latest version is pushed to our github at https://github.com/Cybereason/Logout4Shell
UPDATE 12/15/21: Our initial vaccine approach was to set the formatMsgLookup flag to "true" and reconfigure the Log4j logger, which supported versions >= 2.10.0. In this updated Vaccine technique, in order to support older versions < 2.10.0, the "flag" no longer exists and instead it removes the JNDI interpolator entirely from all logger contexts. The update also pushes an additional fix to make this removal behavior the "default" even in cases where the "flag" is still supported. We still highly recommend upgrading to 2.16.0, or removing the JNDI class entirely from each server if upgrading to the latest patched version is not possible for your organization at this time. This updated Vaccine version also mitigates the most recent lower severity vulnerability disclosure (CVE-2021-45046) which was patched in log4j version 2.16.0.
This vulnerability showed that in certain scenarios, for example, where attackers can control a thread-context variable that gets logged, even the flag log4j2.formatMsgNoLookups is insufficient to mitigate Log4shell. The text below has been updated to reflect the latest guidance and changes to the temporary workaround Vaccine developed by Cybereason.
=============================================================
Cybereason researchers have developed and released a “vaccine” for the Apache Log4Shell vulnerabilities (CVE-2021-44228) and (CVE-2021-4504
2021-12-17T15:00:00+00:00 http://www.cybereason.com/blog/cybereason-releases-vaccine-to-prevent-exploitation-of-apache-log4shell-vulnerability-cve-2021-44228 www.secnews.physaphae.fr/article.php?IdArticle=3889904 False Vulnerability None None

CybeReason - Vendor blog
THREAT ANALYSIS REPORT: Inside the LockBit Arsenal - The StealBit Exfiltration Tool
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them.
2021-12-16T17:48:04+00:00 https://www.cybereason.com/blog/threat-analysis-report-inside-the-lockbit-arsenal-the-stealbit-exfiltration-tool www.secnews.physaphae.fr/article.php?IdArticle=3808681 True Tool,Threat None None

CybeReason - Vendor blog
The Definitive Guide to Extended Detection and Response (XDR)
Cybereason is pleased to release a comprehensive guide to Cybereason XDR Powered by Google Chronicle.
This exceptional resource, titled The Definitive Guide to Achieving 10X the Security Results Without 10X the Work, is intended for security leaders who are seeking answers to how XDR can help them address the most pressing operational and business challenges facing cybersecurity teams.
2021-12-16T13:46:51+00:00 https://www.cybereason.com/blog/the-definitive-guide-cybereason-xdr www.secnews.physaphae.fr/article.php?IdArticle=3807017 False Guideline None None

CybeReason - Vendor blog
CISO Stories Podcast: CISOs Need Training Too
The CISO has trained the workforce and completed the security awareness month annual training. But what about the CISO? How does the CISO ensure that the proper skills are maintained for the CISO to be able to continue to lead the security organization?
2021-12-16T13:16:20+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-cisos-need-training-too www.secnews.physaphae.fr/article.php?IdArticle=3807018 False Guideline None None

CybeReason - Vendor blog
How Cybereason Detects and Prevents Exploits Leveraging Log4Shell Vulnerability
Log4Shell is a vulnerability (CVE-2021-44228) impacting Apache Log4j which was disclosed on the project's GitHub on December 9, 2021. The flaw has the highest possible severity rating of 10 and is pervasive.
2021-12-15T17:56:17+00:00 https://www.cybereason.com/blog/how-cybereason-prevents-and-detects-exploits-leveraging-log4shell-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=3801443 False Vulnerability None None

CybeReason - Vendor blog
AI-Driven Cybereason XDR and EDR Now Available on Google Cloud Marketplace
The AI-driven Cybereason XDR Platform delivers unprecedented prevention, detection and response capabilities to protect endpoints, user personas, cloud workloads and application workspaces with unmatched speed and accuracy on a planetary scale.
2021-12-15T15:13:11+00:00 https://www.cybereason.com/blog/ai-driven-cybereason-xdr-and-edr-now-available-on-google-cloud-marketplace www.secnews.physaphae.fr/article.php?IdArticle=3800498 False None None None

CybeReason - Vendor blog
Introducing Cybereason XDR Powered by Google Chronicle
Cybereason and Google Cloud have unveiled Cybereason XDR powered by Google Chronicle, the first AI-driven XDR platform capable of ingesting and analyzing threat data from across the entire IT environment.
2021-12-14T13:41:32+00:00 https://www.cybereason.com/blog/introducing-cybereason-xdr-powered-by-google-chronicle www.secnews.physaphae.fr/article.php?IdArticle=3793899 False Threat None None

CybeReason - Vendor blog
Security Industry Innovator Art Coviello Joins Cybereason Board of Directors
Cybereason is honored to announce that security industry pioneer Art Coviello Jr. has joined the Cybereason Board of Directors.
Coviello is a cybersecurity icon who formerly served as President and CEO of RSA Security, and as Executive Vice President of EMC, heading the Security Division following its acquisition of RSA.
2021-12-13T15:04:15+00:00 https://www.cybereason.com/blog/security-industry-innovator-art-coviello-joins-cybereason-board-of-directors www.secnews.physaphae.fr/article.php?IdArticle=3788902 False None None 5.0000000000000000

CybeReason - Vendor blog
Malicious Life Podcast: Ransomware Attackers Don't Take Holidays
In November of 2021, Cybereason released a special report, titled Organizations at Risk: Ransomware Attackers Don't Take Holidays, focusing on the threat of ransomware attacks during weekends and holidays. Nate Nelson, our senior producer, talked with Ken Westin, Director of Security Strategy at Cybereason, about why attackers love holidays and weekends, and why ransomware attacks during these times are so effective and dangerous - check it out...
2021-12-13T13:08:24+00:00 https://www.cybereason.com/blog/malicious-life-podcast-ransomware-attackers-dont-take-holidays www.secnews.physaphae.fr/article.php?IdArticle=3788417 False Ransomware,Threat None None

CybeReason - Vendor blog
Cybereason Releases Vaccine to Prevent Exploitation of Apache Log4Shell Vulnerability (CVE-2021-44228)
Cybereason researchers have developed and released a “vaccine” for the Apache Log4Shell vulnerability (CVE-2021-44228). The vaccine is now freely available on GitHub. It is a relatively simple fix that requires only basic Java skills to implement and is freely available to any organization.
Cybereason previously announced that none of the company's products or services were impacted by the vulnerability.
2021-12-10T23:55:00+00:00 https://www.cybereason.com/blog/cybereason-releases-vaccine-to-prevent-exploitation-of-apache-log4shell-vulnerability-cve-2021-44228 www.secnews.physaphae.fr/article.php?IdArticle=3777527 False Vulnerability None None

CybeReason - Vendor blog
Cybereason Solutions Are Not Impacted by Apache Log4j Vulnerability (CVE-2021-44228)
A newly revealed vulnerability impacting Apache Log4j 2 versions 2.0 to 2.14.1 was disclosed on the project's GitHub on December 9, 2021, and designated as CVE-2021-44228 with the highest severity rating of 10.
2021-12-10T21:08:07+00:00 https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 www.secnews.physaphae.fr/article.php?IdArticle=3776856 False Vulnerability None 2.0000000000000000

CybeReason - Vendor blog
Cybereason Extends Feature Support for Linux
Cybereason this week announced support for Endpoint Controls and pre-execution and at rest NGAV protection for Linux.
2021-12-10T16:13:20+00:00 https://www.cybereason.com/blog/cybereason-extends-feature-support-for-linux www.secnews.physaphae.fr/article.php?IdArticle=3775311 False None None None

CybeReason - Vendor blog
Webinar January 11th 2022: Live Attack Simulation - Ransomware Threat Hunte
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response.
2021-12-10T02:00:00+00:00 https://www.cybereason.com/blog/webinar-january-11th-2022-live-attack-simulation-ransomware-threat-hunte www.secnews.physaphae.fr/article.php?IdArticle=3793905 True Ransomware,Threat None None

CybeReason - Vendor blog
THREAT ALERT: The Return of Emotet
The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them.
2021-12-09T20:10:19+00:00 https://www.cybereason.com/blog/threat-alert-the-return-of-emotet www.secnews.physaphae.fr/article.php?IdArticle=3770547 True Threat None None

CybeReason - Vendor blog
CISO Stories Podcast: No Senior Management Buy-In - No Success
Are you reporting the same risks each year to management? This may be indicative of a lack of incentive or buy-in from senior management to fund security investments.
Chris Apgar, CEO and President at Apgar & Associates, joins the podcast to discuss how to show senior management that funding these initiatives is more than just risk avoidance - check it out...
2021-12-09T13:44:22+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-no-senior-management-buy-in-no-success www.secnews.physaphae.fr/article.php?IdArticle=3768052 False None None None

CybeReason - Vendor blog
Cybereason Taps Former Dyson CISO CK Chim as Field CSO to Support APAC Expansion
Cybereason today announced CK Chim, Chim was most recently Dyson's Chief Information Security Officer (CISO), has joined the company as Field Chief Security Officer for the Asia Pacific region, bringing more than 20 years of industry experience to the team.
2021-12-09T04:02:00+00:00 https://www.cybereason.com/blog/cybereason-taps-former-dyson-ciso-ck-chim-as-field-cso-to-support-apac-expansion www.secnews.physaphae.fr/article.php?IdArticle=3766374 False None None None

CybeReason - Vendor blog
Leveraging the XDR Advantage in the Midst of a Pandemic
The pandemic has changed organizations' technology priorities profoundly over the last two years. In a study reported on by Business Wire, cybersecurity and hybrid working constituted the top enterprise technology priorities looking ahead to 2022, at 58% and 55% of organizations, respectively.
2021-12-08T13:12:59+00:00 https://www.cybereason.com/blog/leveraging-the-xdr-advantage-in-the-midst-of-a-pandemic www.secnews.physaphae.fr/article.php?IdArticle=3762058 False None None None

CybeReason - Vendor blog
Ransomware by the Numbers – An Impact Overview
The number of global ransomware attacks is on the rise. According to Threatpost, the global volume of ransomware operations reached 304.7 million attacks in H1 2021.
That's a year-over-year increase of 151%. What's more, that's 100k+ more attack attempts than what security researchers detected in all of 2020.]]> 2021-12-07T13:12:31+00:00 https://www.cybereason.com/blog/ransomware-by-the-numbers-an-impact-overview www.secnews.physaphae.fr/article.php?IdArticle=3756904 False Ransomware None None CybeReason - Vendor blog Under the Hood: What Artificial Intelligence on the Endpoint Looks Like Under the Hood: What Artificial Intelligence on the Endpoint Looks Like In light of a recent Cybereason research report, Organizations at Risk: Ransomware Attackers Don't Take Holidays, regarding the prevalence of ransomware attacks that occur during off-hours, it's imperative that we look towards robust AI security solutions, such that you can know your organization is protected even when none of your staff is online.]]> 2021-12-06T16:46:14+00:00 https://www.cybereason.com/blog/under-the-hood-what-artificial-intelligence-on-the-endpoint-looks-like www.secnews.physaphae.fr/article.php?IdArticle=3752887 False Ransomware None None CybeReason - Vendor blog Malicious Life Podcast: Tay: A Teenage Bot Gone Rogue Malicious Life Podcast: Tay: A Teenage Bot Gone Rogue In March, 2016, Microsoft had something exciting to tell the world: the tech giant unveiled an AI chatbot with the personality of a teenager. Microsoft Tay, as it was nicknamed, could tweet, answer questions and even make its own memes. 
But within mere hours of going live, Tay began outputting racist, anti-Semitic and misogynist tweets - check it out...]]> 2021-12-06T13:01:12+00:00 https://www.cybereason.com/blog/malicious-life-podcast-tay-a-teenage-bot-gone-rogue www.secnews.physaphae.fr/article.php?IdArticle=3751796 False None None None CybeReason - Vendor blog Cl0p Ransomware Gang Tries to Topple the House of Cards Cl0p Ransomware Gang Tries to Topple the House of Cards When I wrote the introduction for our recent report Organizations at Risk: Ransomware Attackers Don't Take Holidays, I described current factors and trends with the potential to disrupt the upcoming holiday season. ]]> 2021-12-03T19:01:52+00:00 https://www.cybereason.com/blog/cl0p-ransomware-gang-tries-to-topple-the-house-of-cards www.secnews.physaphae.fr/article.php?IdArticle=3743126 False Ransomware None None CybeReason - Vendor blog Planned Parenthood Ransomware Attack Has Far Reaching Implications Planned Parenthood Ransomware Attack Has Far Reaching Implications The Planned Parenthood Los Angeles affiliate announced that their computer network was hit by a ransomware attack. The compromise occurred between October 9 and 17 and affected around 400,000 patients' data.]]> 2021-12-02T16:07:45+00:00 https://www.cybereason.com/blog/planned-parenthood-ransomware-attack-puts-400000-patients-at-substantial-risk www.secnews.physaphae.fr/article.php?IdArticle=3737998 False Ransomware None None CybeReason - Vendor blog Planned Parenthood Ransomware Attack Puts Lives at Risk Planned Parenthood Ransomware Attack Puts Lives at Risk The Planned Parenthood branch in Los Angeles revealed that it was the victim of a ransomware attack that resulted in attackers obtaining sensitive information on about 400,000 patients. 
All ransomware attacks and data breaches are bad, but this one is particularly egregious because the sensitive nature of the compromised information could destroy families or possibly put lives in danger.]]> 2021-12-02T15:42:07+00:00 https://www.cybereason.com/blog/planned-parenthood-ransomware-attack-puts-lives-at-risk www.secnews.physaphae.fr/article.php?IdArticle=3737664 False Ransomware None None CybeReason - Vendor blog CISO Stories Podcast: Skills I Needed to be a First-Time CISO CISO Stories Podcast: Skills I Needed to be a First-Time CISO Infosec skills don't necessarily transfer to CISO skills, but CISO skills are 100% transferable to whatever your infosec career looks like. Richard Kaufmann, VP/CISO at Amedisys, discusses how growth begins outside of your comfort zone and why some of the CISO skills you can work on now include executive storytelling, internal coalition building, and how to be comfortable being uncomfortable - check it out...]]> 2021-12-02T13:16:25+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-skills-i-needed-to-be-a-first-time-ciso www.secnews.physaphae.fr/article.php?IdArticle=3737318 False None None None CybeReason - Vendor blog Cybereason Partners with SiS International to Protect Joint Customers in Hong Kong Cybereason Partners with SiS International to Protect Joint Customers in Hong Kong Cybereason and SiS International Limited, a leading IT distributor in Hong Kong, are partnering to protect enterprises in Hong Kong from today's sophisticated cyberattacks.]]> 2021-12-02T01:01:00+00:00 https://www.cybereason.com/blog/cybereason-partners-with-sis-international-to-protect-joint-customers-in-hong-kong www.secnews.physaphae.fr/article.php?IdArticle=3735254 False Guideline None None CybeReason - Vendor blog Join Us for DefenderCon 2021! Join Us for DefenderCon 2021! Mark your calendar for December 14 as Cybereason will be hosting DefenderCon'21 – a virtual conference celebrating our global cybersecurity community. 
Defenders from around the world will come together to hear from industry leaders and cybersecurity visionaries and learn what's on the horizon in our mission together to reverse the adversary advantage and end cyber attacks from endpoints to everywhere. ]]> 2021-12-01T15:04:34+00:00 https://www.cybereason.com/blog/join-us-for-defendercon-2021 www.secnews.physaphae.fr/article.php?IdArticle=3732325 False Guideline None None CybeReason - Vendor blog Ransomware Underscores Need for Layered, Predictive Defenses Ransomware Underscores Need for Layered, Predictive Defenses A congressional investigation into the ransomware attacks that targeted CNA Financial Corp., Colonial Pipeline Co., and JBS Foods USA found that in all three cases the attackers exploited “small failures” in the security postures of the companies.]]> 2021-12-01T14:02:43+00:00 https://www.cybereason.com/blog/ransomware-lessons-underscore-need-for-layered-predictive-defenses www.secnews.physaphae.fr/article.php?IdArticle=3731942 False Ransomware None None CybeReason - Vendor blog AI/ML Powered Automation: The Future of Cybersecurity at Scale AI/ML Powered Automation: The Future of Cybersecurity at Scale Cybersecurity professionals are simply not able to keep up with the growing flood of enterprise security alerts. 
A 2020 survey determined that the volume of security alerts had increased as much as 50% for four out of five SOC analysts over the preceding year, as reported by ITSecurityWire.]]> 2021-12-01T13:33:32+00:00 https://www.cybereason.com/blog/ai/ml-powered-automation-the-future-of-cybersecurity-at-scale www.secnews.physaphae.fr/article.php?IdArticle=3731943 False None None None CybeReason - Vendor blog Cybereason v21.1 LTS: Advancing Prevention, Detection and Response Cybereason v21.1 LTS: Advancing Prevention, Detection and Response This month Cybereason has released our next long-term support version, 21.1 LTS, that brings additional functionalities that drastically improve how defenders can predictively prevent, detect and respond to known and emerging threats. ]]> 2021-11-30T13:45:43+00:00 https://www.cybereason.com/blog/cybereason-v21.1-lts-advancing-prevention-detection-and-response www.secnews.physaphae.fr/article.php?IdArticle=3727966 False None None None CybeReason - Vendor blog A Brief History of Ransomware Evolution A Brief History of Ransomware Evolution Wondering where the scourge of ransomware attacks currently stands? In a recent report titled Ransomware: The True Cost to Business, we noted that ransomware attacks occur about every 11 seconds. That rate translates into about 3 million ransomware attacks over a year.]]> 2021-11-30T13:40:01+00:00 https://www.cybereason.com/blog/a-brief-history-of-ransomware-evolution www.secnews.physaphae.fr/article.php?IdArticle=3727967 False Ransomware None None CybeReason - Vendor blog Malicious Life Podcast: Wild West Hackin' Fest Malicious Life Podcast: Wild West Hackin' Fest The Wild West Hackin' Fest is a unique security conference - not only because it's held in South Dakota, and not only because of the Wild West visual vibe - but also because of the emphasis it puts on diversity and lowering the entry barriers for people who wish to join the world of information security. 
We talked at length with John Strand, one of the conference's founders - check it out...]]> 2021-11-29T12:55:53+00:00 https://www.cybereason.com/blog/malicious-life-podcast-wild-west-hackin-fest www.secnews.physaphae.fr/article.php?IdArticle=3722550 False None None None CybeReason - Vendor blog Webinar December 1st: Ransomware Attackers Don't Take Holidays Webinar December 1st: Ransomware Attackers Don't Take Holidays Cybereason recently released a research report, titled Organizations at Risk: Ransomware Attackers Don't Take Holidays, that focuses on the threat that ransomware attacks during the weekends and holidays pose to organizations as we move into the holiday season. The global survey includes responses from 1,200+ security professionals at organizations that have previously suffered a successful ransomware attack.]]> 2021-11-29T06:00:00+00:00 https://www.cybereason.com/blog/webinar-december-1st-ransomware-attackers-dont-take-holidays www.secnews.physaphae.fr/article.php?IdArticle=3727969 False Ransomware,Threat None None CybeReason - Vendor blog CISO Stories Podcast: Which Approach Wins - Compliance or Risk? CISO Stories Podcast: Which Approach Wins - Compliance or Risk? Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security? LBMC's Mark Burnette joins the podcast as the differences between compliance and true security are discussed - check it out...]]> 2021-11-24T14:40:41+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-which-approach-wins-compliance-or-risk www.secnews.physaphae.fr/article.php?IdArticle=3703096 False None None None CybeReason - Vendor blog Which Data Do Ransomware Attackers Target for Double Extortion? Which Data Do Ransomware Attackers Target for Double Extortion? 
Double extortion is one of the most prevalent ransomware tactics today. The attackers first exfiltrate sensitive information from their target before launching the ransomware encryption routine. The threat actor then demands a ransom payment in order to regain access to the encrypted assets along with an additional threat to publicly expose or otherwise release the data if the ransom demand is not met promptly.]]> 2021-11-23T13:29:20+00:00 https://www.cybereason.com/blog/which-data-do-ransomware-attackers-target-for-double-extortion www.secnews.physaphae.fr/article.php?IdArticle=3698148 False Ransomware,Threat None None CybeReason - Vendor blog Malicious Life Podcast: Inside Operation Flyhook Part 2 Malicious Life Podcast: Inside Operation Flyhook Part 2 To capture Alexey Ivanov and his business partner and bring them to justice, the FBI created an elaborate ruse: a fake company named Invita, complete with a fake website and a fake office building. Ray Pompon, a security professional, was brought in as an 'evil security consultant' to convince Alexey to demonstrate his hacking skills on a pre-arranged honeypot - check it out...]]> 2021-11-22T13:34:10+00:00 https://www.cybereason.com/blog/malicious-life-podcast-inside-operation-flyhook-part-2 www.secnews.physaphae.fr/article.php?IdArticle=3693362 False None None None CybeReason - Vendor blog Dear Defenders, Dear Defenders, The changing of the leaves and the brisk fall mornings around Boston are a sign that 2021 is nearing its end. It's a time that I like to reflect on the year gone by and think about the potential for the new year. ]]> 2021-11-19T19:34:07+00:00 https://www.cybereason.com/blog/dear-defenders www.secnews.physaphae.fr/article.php?IdArticle=3682369 False None None None CybeReason - Vendor blog CISO Stories Podcast: Who is Your SOC Really For? CISO Stories Podcast: Who is Your SOC Really For? 
Managing the volume of security events and continuous threat intelligence can be daunting for the largest of organizations. How do you increase the effectiveness of a Security Operations Center (SOC) and share this information across the organization for greater efficiency and adoption? Ricardo Lafosse, CISO at Kraft Heinz, explains - check it out...]]> 2021-11-18T12:06:57+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-who-is-your-soc-really-for www.secnews.physaphae.fr/article.php?IdArticle=3674384 False Threat None None CybeReason - Vendor blog Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays In June of 2021, Cybereason published a global research report, titled Ransomware: The True Cost to Business, which revealed that the vast majority of organizations that have suffered a ransomware attack experienced significant impact to the business as a result. The consequences included loss of revenue, damage to the organization's brand, unplanned workforce reductions, and disruption of business operations. ]]> 2021-11-17T05:03:00+00:00 https://www.cybereason.com/blog/cybereason-research-finds-organizations-unprepared-for-ransomware-attacks-on-weekends-and-holidays www.secnews.physaphae.fr/article.php?IdArticle=3668446 False Ransomware None None CybeReason - Vendor blog Predictive Ransomware Protection: The Key to Ending a Global Crisis Predictive Ransomware Protection: The Key to Ending a Global Crisis Successful ransomware attacks take time. They involve gaining a foothold in the enterprise, conducting reconnaissance, escalating privileges, and then locating and exfiltrating your organization's most sensitive data. 
The entire process, up until the point that the attackers encrypt your data, could take weeks or months.]]> 2021-11-17T05:02:00+00:00 https://www.cybereason.com/blog/predictive-ransomware-protection-the-key-to-ending-a-global-crisis www.secnews.physaphae.fr/article.php?IdArticle=3668447 False Ransomware None None CybeReason - Vendor blog Cybereason Partners with Moviri to Deliver Operation-Centric Security Cybereason Partners with Moviri to Deliver Operation-Centric Security Cybereason is joining forces with Moviri, the leading Italian technology consulting and software group specializing in analytics, IoT and cybersecurity solutions to deliver operation-centric security to joint customers. ]]> 2021-11-17T05:01:00+00:00 https://www.cybereason.com/blog/cybereason-partners-with-moviri-to-deliver-operation-centric-security www.secnews.physaphae.fr/article.php?IdArticle=3668448 False Guideline None None CybeReason - Vendor blog RansomOps: Detecting Complex Ransomware Operations RansomOps: Detecting Complex Ransomware Operations In a recent blog post we discussed how today's more complex RansomOps attacks are more akin to stealthy APT-like operations than the “spray and pray” mass email spam campaign of old, and how there are multiple players from the larger Ransomware Economy at work, each with their own specializations. ]]> 2021-11-16T14:28:03+00:00 https://www.cybereason.com/blog/ransomops-detecting-complex-ransomware-operations www.secnews.physaphae.fr/article.php?IdArticle=3666590 False Ransomware,Spam None None CybeReason - Vendor blog Malicious Life Podcast: Inside IP/BGP Hijacking Malicious Life Podcast: Inside IP/BGP Hijacking In 2016, for six straight months, communications between Canadian and Korean government networks were hijacked by China Telecom and routed through China. 
In 2017, traffic from Sweden and Norway to a large American news organization in Japan was hijacked to China for about 6 weeks.]]> 2021-11-15T14:45:26+00:00 https://www.cybereason.com/blog/malicious-life-podcast-inside-ip/bgp-hijacking www.secnews.physaphae.fr/article.php?IdArticle=3663456 False None None None CybeReason - Vendor blog Ransomware Whack-a-Mole Ransomware Whack-a-Mole Pretty much everyone is familiar with the carnival game Whack-a-Mole. No matter how many moles you bash with the mallet, it seems like two more pop up in their place. It's commonly used to describe cybersecurity and the ransomware news this week illustrates why Whack-a-Mole is an appropriate metaphor.]]> 2021-11-12T12:52:05+00:00 https://www.cybereason.com/blog/ransomware-whack-a-mole www.secnews.physaphae.fr/article.php?IdArticle=3652676 False Ransomware None None CybeReason - Vendor blog Cybereason and Nuspire Partner to Empower Organizations to Stop Cyber Attacks Cybereason and Nuspire Partner to Empower Organizations to Stop Cyber Attacks Earlier this year, the Cybereason Managed Detection and Response (MDR) service offering was named a Strong Performer in the Forrester Wave™: Managed Detection and Response, Q1 2021 report.]]> 2021-11-12T06:00:00+00:00 https://www.cybereason.com/blog/cybereason-and-nuspire-partner-to-empower-organizations-to-stop-cyber-attacks www.secnews.physaphae.fr/article.php?IdArticle=3652677 False None None None CybeReason - Vendor blog CISO Stories Podcast: Do You Know Where Your Data Is? CISO Stories Podcast: Do You Know Where Your Data Is? Today, data is everywhere as users are working remotely, storing information in the cloud, downloading to and from USB drives, and so on. 
William Miaoulis, CISO at Auburn University, joins the podcast to discuss some of the typical situations that lead to the exposure of sensitive information and how to prevent them - check it out...]]> 2021-11-11T14:12:40+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-do-you-know-where-your-data-is www.secnews.physaphae.fr/article.php?IdArticle=3645212 False Guideline None None CybeReason - Vendor blog Why XDR is a 'Must Have' for Organizations of Every Size Why XDR is a 'Must Have' for Organizations of Every Size According to Grand View Research, the global Extended Detection and Response (XDR) market is expected to reach $2.06 billion by 2028 after climbing at a CAGR of 19.9% over seven years. This forecast is predicated on market optimism that XDR will enable organizations to navigate a growing number of integrations between new and existing security solutions, as well as the notion that security teams can use XDR to increase their visibility across disparate but critical assets to detect and arrest attacks earlier.]]> 2021-11-10T14:02:00+00:00 https://www.cybereason.com/blog/why-xdr-is-a-must-have-for-organizations-of-every-size www.secnews.physaphae.fr/article.php?IdArticle=3638300 False None None None CybeReason - Vendor blog Cybereason Earns Gold OPSWAT Access Control Certification Cybereason Earns Gold OPSWAT Access Control Certification Cybereason has earned the coveted Gold-level OPSWAT Certified Security Applications verification for the Cybereason Sensors ActiveProbe 21.X for Windows, Mac and Linux endpoints. The OPSWAT Access Control Certification Program is the industry standard for the interoperability of endpoint security software--a key factor in ensuring a consistent user experience. 
]]> 2021-11-10T14:01:00+00:00 https://www.cybereason.com/blog/cybereason-earns-gold-opswat-access-control-certification www.secnews.physaphae.fr/article.php?IdArticle=3638301 False None None None CybeReason - Vendor blog THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware THREAT ANALYSIS REPORT: From Shatak Emails to the Conti Ransomware The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. ]]> 2021-11-09T18:46:51+00:00 https://www.cybereason.com/blog/threat-analysis-report-from-shatak-emails-to-the-conti-ransomware www.secnews.physaphae.fr/article.php?IdArticle=3634022 True Ransomware,Threat None None CybeReason - Vendor blog The Ransom Disclosure Act and Defending Against Complex RansomOps The Ransom Disclosure Act and Defending Against Complex RansomOps On October 5, U.S. Senator Elizabeth Warren (D-Mass.) introduced the Ransom Disclosure Act. She framed it as something that could help the U.S. government learn more about how ransomware operations work.]]> 2021-11-09T13:50:36+00:00 https://www.cybereason.com/blog/the-ransom-disclosure-act-and-defending-against-complex-ransomops www.secnews.physaphae.fr/article.php?IdArticle=3632234 False Ransomware None None CybeReason - Vendor blog When Your EDR Vendor Attacks! When Your EDR Vendor Attacks! Florian Roth, Head of Research at Nextron Systems in Germany, received a series of alerts on Nov. 6 that had all the telltale signs of a potentially serious security breach.]]> 2021-11-08T22:43:45+00:00 https://www.cybereason.com/blog/when-your-edr-vendor-attacks www.secnews.physaphae.fr/article.php?IdArticle=3629914 False None None None CybeReason - Vendor blog Zero Trust Race is On: Do You Have the Right Engine? Zero Trust Race is On: Do You Have the Right Engine? 
The shift to a Zero Trust security model has become a top priority for many organizations, driven by record levels of ransomware attacks and a rapidly expanding attack surface stemming from the move to remote work and accelerated cloud adoption.]]> 2021-11-08T21:46:59+00:00 https://www.cybereason.com/blog/zero-trust-race-is-on-do-you-have-the-right-engine www.secnews.physaphae.fr/article.php?IdArticle=3629465 False Ransomware None None CybeReason - Vendor blog The CISA Directive Is Crucial for Cybersecurity The CISA Directive Is Crucial for Cybersecurity As the CEO of a cybersecurity company, it's important to stay informed--to know about breaking news, emerging threats, and rising trends to provide direction for the company and protection for our customers. One story that stood out to me last week was the news that CISA issued a new directive to federal agencies. The mandate establishes an aggressive timeline for federal agencies to address known vulnerabilities in their environments. More importantly, though, the guidance will change how government agencies deal with cybersecurity moving forward and improve our ability to defend against attacks. ]]> 2021-11-08T17:04:14+00:00 https://www.cybereason.com/blog/the-cisa-directive-is-crucial-for-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=3628054 False None None None CybeReason - Vendor blog Malicious Life Podcast: Inside Operation Flyhook Part 1 Malicious Life Podcast: Inside Operation Flyhook Part 1 Alexey Ivanov was exactly the kind of person to benefit from the early-2000's dot-com boom: he was bright, talented and really knew his stuff. His only problem was the fact that he was born in Chelyabinsk, a sleepy Russian town in the middle of nowhere. When he sent his résumé to American companies, nobody was willing to bet on him. 
]]> 2021-11-08T13:47:47+00:00 https://www.cybereason.com/blog/malicious-life-podcast-inside-operation-flyhook-part-1 www.secnews.physaphae.fr/article.php?IdArticle=3627151 False None None None CybeReason - Vendor blog Cybereason Recognized in The Herd 100 Top Emerging Privately Held U.S. Technology Companies Cybereason Recognized in The Herd 100 Top Emerging Privately Held U.S. Technology Companies Cybereason has been honored by recognition in The Herd 100, D.A. Davidson's ranking of the Top 100 private technology companies. The Cybereason operation-centric security approach enables defenders to outthink and outpace sophisticated cyber threats from nation-state attackers and cybercriminal groups. ]]> 2021-11-04T14:03:12+00:00 https://www.cybereason.com/blog/cybereason-recognized-in-the-herd-100-top-emerging-privately-held-u.s.-technology-companies www.secnews.physaphae.fr/article.php?IdArticle=3608323 False None None None CybeReason - Vendor blog CISO Stories Podcast: The Nexus of Security, Privacy and Trust CISO Stories Podcast: The Nexus of Security, Privacy and Trust Allison Miller, CISO at Reddit, discusses the challenges across stakeholders from end-users to service providers in addressing the nexus of Security, Privacy and Trust - should they be equally weighted? In what circumstances does the need for one outweigh the need for the others? What does the future hold for our efforts to find the right balance between them? Check it out...]]> 2021-11-04T13:00:55+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-the-nexus-of-security-privacy-and-trust www.secnews.physaphae.fr/article.php?IdArticle=3608055 False None None None CybeReason - Vendor blog Webinar November 18th: Anatomy of a Ransomware Attack Webinar November 18th: Anatomy of a Ransomware Attack Join Cybereason CEO and co-founder Lior Div and CSO Sam Curry as they break down the anatomy of a ransomware attack. 
Learn how Cybereason enables defenders to protect themselves and orchestrate the best ransomware defenses.]]> 2021-11-03T20:34:19+00:00 https://www.cybereason.com/blog/webinar-november-18th-anatomy-of-a-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=3605903 False Ransomware None None CybeReason - Vendor blog Actionable XDR Telemetry vs. Uncorrelated SIEM Alerts Actionable XDR Telemetry vs. Uncorrelated SIEM Alerts As a class of security tools, Security Information and Event Management (SIEM) finds itself in a curious position. On the one hand, the global SIEM market is expected to continue growing over the next few years. PRNewswire reported that the market is expected to reach $6.4 billion by 2027. Such growth implies a CAGR of 6.8% over the next six years. It also means that continuous monitoring, incident response, regulatory compliance, and log management will remain priorities for organizations during that period.]]> 2021-11-03T13:00:27+00:00 https://www.cybereason.com/blog/actionable-xdr-telemetry-vs.-uncorrelated-siem-alerts www.secnews.physaphae.fr/article.php?IdArticle=3603457 False None None None CybeReason - Vendor blog Cybereason and Tech Data Partner to End Cyberattacks in Asia Pacific Region Cybereason and Tech Data Partner to End Cyberattacks in Asia Pacific Region Cybereason is joining forces with Tech Data, a TD SYNNEX company and a leading global distributor of IT solutions, to protect enterprises across Asia Pacific from sophisticated cyberattacks.  ]]> 2021-11-03T00:00:00+00:00 https://www.cybereason.com/blog/cybereason-and-tech-data-partner-to-end-cyberattacks-in-asia-pacific-region www.secnews.physaphae.fr/article.php?IdArticle=3601349 False Guideline None None CybeReason - Vendor blog What Are the Most Common Attack Vectors for Ransomware? What Are the Most Common Attack Vectors for Ransomware? There's been record growth of ransomware attacks in 2021. 
A recent report documented 304.7 million attack attempts in the first six months of the year, as reported by Threatpost. That's 100,000 more attempts than the total volume logged in all of 2020.]]> 2021-11-02T12:23:58+00:00 https://www.cybereason.com/blog/what-are-the-most-common-attack-vectors-for-ransomware www.secnews.physaphae.fr/article.php?IdArticle=3598079 False Ransomware None None CybeReason - Vendor blog NOBELIUM Demonstrates Why Microsoft Is the Weakest Link NOBELIUM Demonstrates Why Microsoft Is the Weakest Link Microsoft platforms and products are ubiquitous. Government agencies and companies of all sizes and industries around the world rely on Microsoft software to get things done. They are also riddled with security weaknesses and vulnerabilities, which makes them a common--almost universal--vector for attacks. Microsoft is an Achilles heel that can make organizations vulnerable. ]]> 2021-11-01T19:00:18+00:00 https://www.cybereason.com/blog/nobelium-demonstrates-why-microsoft-is-the-weakest-link www.secnews.physaphae.fr/article.php?IdArticle=3594321 False None None None CybeReason - Vendor blog Conti Ransomware Gang Strikes 'Jeweler to the Stars' Conti Ransomware Gang Strikes 'Jeweler to the Stars' What do Oprah Winfrey, Donald Trump, and David Beckham have in common? Apparently, they are all clients of Graff, known as the “Jeweler to the Stars” because of its clientele of Hollywood A-listers and affluent who's who in the world. Now they have something else in common: their personal details were leaked on the Dark Web by the Conti ransomware gang following an attack on Graff. 
]]> 2021-11-01T17:47:05+00:00 https://www.cybereason.com/blog/conti-ransomware-gang-strikes-jeweler-to-the-stars www.secnews.physaphae.fr/article.php?IdArticle=3593876 False Ransomware None None CybeReason - Vendor blog Video: Google Cloud and Cybereason Shift the XDR Paradigm to 'Detect and Anticipate' Video: Google Cloud and Cybereason Shift the XDR Paradigm to 'Detect and Anticipate' Cybereason and Google Cloud recently entered into a strategic partnership to bring to market a joint solution, Cybereason XDR powered by Chronicle, in support of our joint mission to reverse the adversary advantage. ]]> 2021-11-01T16:40:06+00:00 https://www.cybereason.com/blog/video-google-cloud-and-cybereason-shift-the-xdr-paradigm-to-detect-and-anticipate www.secnews.physaphae.fr/article.php?IdArticle=3593398 False None None None CybeReason - Vendor blog Ransomware Head to Head: Why Does Cybereason Anti-Ransomware Win Over SentinelOne? Ransomware Head to Head: Why Does Cybereason Anti-Ransomware Win Over SentinelOne? Recent ransomware attacks have shown that stakes are high. One recent attack demanded a ransom of $70m in cryptocurrency, and it is estimated that organizations paid nearly $600 million in ransom payments in just the first half of 2021--more than the total for all of 2020. Building out an anti-ransomware strategy is not just a good idea anymore, it is imperative. However, there are quite a few vendors in the market, making the selection process difficult. Today, we'll break down why customers continually choose Cybereason, especially over competitors such as SentinelOne. 
]]> 2021-11-01T14:49:45+00:00 https://www.cybereason.com/blog/ransomware-head-to-head-why-does-cybereason-anti-ransomware-win-over-sentinelone www.secnews.physaphae.fr/article.php?IdArticle=3592709 False Ransomware None None CybeReason - Vendor blog Malicious Life Podcast: In Defense of the NSA Malicious Life Podcast: In Defense of the NSA The National Security Agency is one of the world's most formidable and powerful intelligence agencies. Some people fear that the NSA's advanced capabilities could one day be directed inwards instead of outwards. ]]> 2021-11-01T11:56:01+00:00 https://www.cybereason.com/blog/malicious-life-podcast-in-defense-of-the-nsa www.secnews.physaphae.fr/article.php?IdArticle=3591880 False None None None CybeReason - Vendor blog Webinar November 11th: Live Attack Simulation - Ransomware Threat Hunter Series Webinar November 11th: Live Attack Simulation - Ransomware Threat Hunter Series Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. ]]> 2021-10-29T15:49:18+00:00 https://www.cybereason.com/blog/webinar-november-11-live-attack-simulation-ransomware-threat-hunter-series www.secnews.physaphae.fr/article.php?IdArticle=3581299 True Ransomware,Threat None None CybeReason - Vendor blog THREAT ANALYSIS REPORT: Snake Infostealer Malware THREAT ANALYSIS REPORT: Snake Infostealer Malware The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. 
The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them.]]> 2021-10-28T13:00:12+00:00 https://www.cybereason.com/blog/threat-analysis-report-snake-infostealer-malware www.secnews.physaphae.fr/article.php?IdArticle=3576713 True Malware,Threat None None CybeReason - Vendor blog CISO Stories Podcast: Five Mistakes Impacting Security and Privacy Policy Creation CISO Stories Podcast: Five Mistakes Impacting Security and Privacy Policy Creation Charles Cresson Wood set the 'gold standard' for policy guidance with the book Information Security Policies Made Easy, now in its 14th version. Wood has extensively researched what separates good processes from bad and has helped countless organizations develop and deliver sound policies that work to enable the business. Wood joins the podcast to discuss the five key mistakes teams make in creating and delivering impactful security and privacy policies for any organization - check it out...]]> 2021-10-28T12:47:56+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-five-mistakes-impacting-security-and-privacy-policy-creation www.secnews.physaphae.fr/article.php?IdArticle=3576714 False None None None CybeReason - Vendor blog Webinar: Live Attack Simulation - EMEA Ransomware Threat Hunter Series Webinar: Live Attack Simulation - EMEA Ransomware Threat Hunter Series Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. 
]]> 2021-10-28T12:00:00+00:00 https://www.cybereason.com/blog/webinar-live-attack-simulation-emea-ransomware-threat-hunter-series www.secnews.physaphae.fr/article.php?IdArticle=3576715 True Ransomware,Threat None None CybeReason - Vendor blog THREAT ALERT: Malicious Code Implant in the UAParser.js Library THREAT ALERT: Malicious Code Implant in the UAParser.js Library The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them.]]> 2021-10-27T17:25:51+00:00 https://www.cybereason.com/blog/threat-alert-malicious-code-implant-in-the-uaparser.js-library www.secnews.physaphae.fr/article.php?IdArticle=3574114 True Threat None None CybeReason - Vendor blog What is XDR? Understanding Extended Detection and Response What is XDR? Understanding Extended Detection and Response XDR, shorthand for the product category of Extended Detection and Response, is a security approach that extends the power of EDR (Endpoint Detection and Response) capabilities to create integrated detection and response across not only endpoints, but also application suites, user personas, on-premises data centers as well as workloads hosted in the cloud.]]> 2021-10-27T12:39:34+00:00 https://www.cybereason.com/blog/what-is-xdr-understanding-extended-detection-and-response www.secnews.physaphae.fr/article.php?IdArticle=3572591 False None None None CybeReason - Vendor blog Microsoft Publishes Veiled Mea Culpa Disguised as Research Microsoft Publishes Veiled Mea Culpa Disguised as Research The Microsoft Threat Intelligence Center (MSTIC) shared a report warning that NOBELIUM-the threat actor behind the SolarWinds attacks-is targeting delegated administrative privileges as part of a larger malicious campaign. 
Microsoft cautions that attackers are attempting to gain access to downstream customers of multiple cloud providers, managed service providers (MSPs), and IT services organizations in what at first glance appears to be a standard threat intelligence report, but upon examination more closely resembles a technical vulnerability disclosure. ]]> 2021-10-26T15:21:56+00:00 https://www.cybereason.com/blog/microsoft-publishes-veiled-mea-culpa-disguised-as-research www.secnews.physaphae.fr/article.php?IdArticle=3567535 False Vulnerability,Threat None None CybeReason - Vendor blog EDR Buyer's Guide: Microsoft E5 Licenses and Security Risks EDR Buyer's Guide: Microsoft E5 Licenses and Security Risks There is no shortage of options for security teams undergoing an evaluation of EDR and EPP solutions currently available to the market. With roughly 30 serious vendors focused specifically on EDR and EPP, the differences between them are vast with unique approaches and capabilities delivered by each.]]> 2021-10-26T15:13:47+00:00 https://www.cybereason.com/blog/edr-buyers-guide-microsoft-e5-licenses-and-security-risks www.secnews.physaphae.fr/article.php?IdArticle=3567536 False None None None CybeReason - Vendor blog An Operation-Centric Approach to RansomOps Prevention An Operation-Centric Approach to RansomOps Prevention Editor's Note: Unlock the knowledge, resources and expert guidance you need to successfully prevent ransomware attacks from impacting your organization's operations with this complimentary Ransomware Toolkit...]]> 2021-10-26T12:57:41+00:00 https://www.cybereason.com/blog/an-operation-centric-approach-to-ransomops-prevention www.secnews.physaphae.fr/article.php?IdArticle=3566302 True Ransomware None None CybeReason - Vendor blog Webinar: Live Attack Simulation - Ransomware Threat Hunter Series Webinar: Live Attack Simulation - Ransomware Threat Hunter Series Ransomware has the potential to affect any organization with exposed defenses. 
The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response. ]]> 2021-10-25T16:22:58+00:00 https://www.cybereason.com/blog/webinar-live-attack-simulation-ransomware-threat-hunter-series www.secnews.physaphae.fr/article.php?IdArticle=3561119 False Ransomware,Threat None None