This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T12:23:32+00:00 www.secnews.physaphae.fr CybeReason - Vendor blog Someone leaked the phone numbers and personal information for over half a billion Facebook users online. Alon Gal, CTO at cybercrime intelligence firm Hudson Rock, tweeted out that someone had dumped hundreds of millions of Facebook records onto a hacking forum: ]]> 2021-04-05T21:23:44+00:00 https://www.cybereason.com/blog/personal-info-for-more-than-half-a-billion-facebook-users-leaked-online www.secnews.physaphae.fr/article.php?IdArticle=2591148 False None None None CybeReason - Vendor blog Few will be shocked to hear that ransomware attacks are continuing to accelerate at a torrid pace - but the more concerning trend is the effectiveness of ransomware at creating chaos and paralyzing business operations.]]> 2021-04-05T17:01:42+00:00 https://www.cybereason.com/blog/ransomware-defense-three-implementations-every-security-team-needs www.secnews.physaphae.fr/article.php?IdArticle=2589457 False Ransomware None None CybeReason - Vendor blog The information and cybersecurity industry has no shortage of regulations, and many organizations simply rundown the list of requirements, load them into an excel spreadsheet and check the boxes to demonstrate they are in compliance. But is being compliant the same as being secure? Join this podcast with special guest Lee Parrish who shares an analogy that illustrates why being compliant is not the same as being secure, and how we can change an organization's orientation to keep the focus on security - check it out...]]> 2021-04-01T18:41:06+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-the-colonoscopy-of-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=2572557 False None None None CybeReason - Vendor blog DarkSide is a relatively new ransomware strain that made its first appearance in August 2020. DarkSide follows the RaaS (ransomware-as-a-service) model, and, according to Hack Forums, the DarkSide team recently made an announcement that DarkSide 2.0 has been released. According to the group, it is equipped with the fastest encryption speed on the market, and even includes Windows and Linux versions.]]> 2021-04-01T14:02:27+00:00 https://www.cybereason.com/blog/cybereason-vs-darkside-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2571331 False Ransomware,Hack None None CybeReason - Vendor blog A security professional who assisted Ubiquiti in its response to a data breach accused the Internet-of-Things (IoT) device vendor of having downplayed the incident's severity.]]> 2021-03-31T19:10:25+00:00 https://www.cybereason.com/blog/whistleblower-accuses-ubiquiti-of-downplaying-major-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2568096 False Data Breach None None CybeReason - Vendor blog Cybercrime cost the American public over $4 billion in reported losses over the course of 2020, according to the FBI. In its Internet Crime Report 2020, the FBI's Internet Crime Complaint Center (IC3) revealed that it had received 791,790 complaints of digital crime in 2020.]]> 2021-03-31T16:34:21+00:00 https://www.cybereason.com/blog/fbi-pegs-2020-cybercrime-costs-at-4-billion www.secnews.physaphae.fr/article.php?IdArticle=2567227 False None None None CybeReason - Vendor blog The widespread HAFNIUM attacks were just the beginning of the problems stemming from multiple vulnerabilities in Microsoft's Exchange offering that were recently disclosed. According to Bleeping Computer, users began submitting new ransomware attack reports to the ID-Ransomware identification site on March 9 that site creator Michael Gillespie later determined had likely originated on Microsoft Exchange servers.]]> 2021-03-30T17:26:15+00:00 https://www.cybereason.com/blog/dearcry-ransomeware-and-the-hafnium-attacks www.secnews.physaphae.fr/article.php?IdArticle=2562407 False Ransomware None None CybeReason - Vendor blog The healthcare industry is getting much more attention than normal right now. COVID-19 has disrupted business operations and turned lives upside down around the world as everyone struggles to get the pandemic under control.]]> 2021-03-29T13:08:15+00:00 https://www.cybereason.com/blog/why-healthcare-security-requires-an-operation-centric-approach www.secnews.physaphae.fr/article.php?IdArticle=2555816 False None None None CybeReason - Vendor blog Mauro Israel, CISO at BIOOOS, discusses his colorful background and how he – like so many others in the security field – came to discover his true calling late in life and was able to apply his wide range of knowledge and experience to the role of CISO in the healthcare field - check it out..]]> 2021-03-26T14:48:04+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-career-in-security www.secnews.physaphae.fr/article.php?IdArticle=2538087 False None None None CybeReason - Vendor blog The Cybereason Managed Detection and Response (MDR) service offering has been named a Strong Performer in the Forrester Wave™: Managed Detection and Response, Q1 2021 report.]]> 2021-03-24T14:36:34+00:00 https://www.cybereason.com/blog/cybereason-named-a-strong-performer-in-forrester-wave-for-mdr-2021 www.secnews.physaphae.fr/article.php?IdArticle=2527360 False None None None CybeReason - Vendor blog The recent HAFNIUM attacks hit tens of thousands of organizations' Microsoft Exchange servers around the globe. Now, an array of other threat actors are leveraging the residual webshells on victim systems to launch new attacks against organizations who thought patching the Microsoft vulnerabilities would have been enough to be protected.]]> 2021-03-23T18:00:09+00:00 https://www.cybereason.com/blog/malicious-life-podcast-bside-hafnium www.secnews.physaphae.fr/article.php?IdArticle=2523401 False Threat,Patching None None CybeReason - Vendor blog The Sodinokibi/REvil ransomware gang has reportedly infected Taiwanese multinational electronics corporation Acer and demanded a ransom of $50 million. Those responsible for the Sodinokibi ransomware strain announced on their data leaks website that they had breached the computer giant.]]> 2021-03-23T16:54:20+00:00 https://www.cybereason.com/blog/sodinokibi/revil-ransomware-gang-hit-acer-with-50m-ransom-demand www.secnews.physaphae.fr/article.php?IdArticle=2523208 False Ransomware None None CybeReason - Vendor blog Many of you may have already heard of Amit Serper: he was the first researcher to tackle NotPetya and provide a solution when he was Principal Security Researcher at Cybereason back in 2017.]]> 2021-03-22T13:08:36+00:00 https://www.cybereason.com/blog/malicious-life-podcast-inside-notpetya-ransomware-part-2 www.secnews.physaphae.fr/article.php?IdArticle=2517105 False None NotPetya,NotPetya None CybeReason - Vendor blog It was recently disclosed that Microsoft Exchange offerings were severely compromised in nation-state sponsored operations by the threat group known as HAFNIUM. This incident has potentially affected tens-of-thousands of public and private organizations across the globe.]]> 2021-03-18T15:27:30+00:00 https://www.cybereason.com/blog/hafnium-response-cybereason www.secnews.physaphae.fr/article.php?IdArticle=2501029 False Threat None None CybeReason - Vendor blog Over the past year, the Cybereason Nocturnus Team has observed various trends among cyber criminals and nation-state groups leveraging various global events such as COVID-19 and other topical themes and trending issues as phishing content to lure their victims into installing their malware of choice.]]> 2021-03-18T10:04:34+00:00 https://www.cybereason.com/blog/cybereason-exposes-malware-targeting-us-taxpayers www.secnews.physaphae.fr/article.php?IdArticle=2499265 False Malware None None CybeReason - Vendor blog Business units are often challenged to demonstrate ROI on their spend for various initiatives. Why should the information security department be any different?]]> 2021-03-17T13:00:00+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-cybersecurity-roi-necessary www.secnews.physaphae.fr/article.php?IdArticle=2495818 False None None None CybeReason - Vendor blog Now that President Biden has proposed the allocation of $10 Billion for cyber security and IT modernization, what specifically should the federal government focus on to restore confidence in our national cyber security defense posture?]]> 2021-03-16T16:03:52+00:00 https://www.cybereason.com/blog/security-ceo-roundtable-national-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=2491241 False None None None CybeReason - Vendor blog Attackers have proven time and again they are willing to innovate in nefarious ways to breach your defenses - as seen with the most recent headlines around the recent Microsoft Exchange and SolarWinds attacks.]]> 2021-03-16T14:09:52+00:00 https://www.cybereason.com/blog/webinar-protecting-against-it-infrastructure-attacks-from-hafnium-and-solarwinds www.secnews.physaphae.fr/article.php?IdArticle=2490849 False None None None CybeReason - Vendor blog The U.S. government could take up to 18 months in its efforts to recover from the SolarWinds supply chain attack, explained the U.S. Cybersecurity & Infrastructure Security Agency (CISA).]]> 2021-03-15T13:00:00+00:00 https://www.cybereason.com/blog/solarwinds-attacks-recovery-effort www.secnews.physaphae.fr/article.php?IdArticle=2485608 False None None None CybeReason - Vendor blog Ransomware continues to evolve and despite what many in the industry had thought was a lull in the use of ransomware by cyber criminals; it hasn't gone away and has returned with a vengeance.]]> 2021-03-12T16:31:30+00:00 https://www.cybereason.com/blog/webinar-state-of-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2474638 False Ransomware None None CybeReason - Vendor blog International Women's Day always makes me reflect about my career path and decisions, and I wonder if just the fact that I'm a woman makes them interesting. I hope not.]]> 2021-03-12T15:15:23+00:00 https://www.cybereason.com/blog/why-be-daring www.secnews.physaphae.fr/article.php?IdArticle=2474470 False None None None CybeReason - Vendor blog Digital attackers compromised the live feeds of 150,000 surveillance cameras made by enterprise security camera system manufacturer Verkada. According to Bloomberg News, a hacking collective that calls itself “Advanced Persistent Threat 69420” gained access to Verkada by misusing a “Super Admin” account at the company.]]> 2021-03-11T17:36:05+00:00 https://www.cybereason.com/blog/live-feeds-of-150k-surveillance-cameras-compromised-in-verkada-breach www.secnews.physaphae.fr/article.php?IdArticle=2468907 False Threat None None CybeReason - Vendor blog “What do you want to be one day, Jean?” ]]> 2021-03-11T13:38:02+00:00 https://www.cybereason.com/blog/international-womens-day-girls-should-never-give-up www.secnews.physaphae.fr/article.php?IdArticle=2468129 False None None None CybeReason - Vendor blog The CISO position in some organizations is relatively new, but the role has actually been evolving over the past 25 years - ever since Citibank named the first CISO, Steve Katz, in 1995. Join this podcast to learn how Steve navigated the early days of security and the changes he sees in the role today...]]> 2021-03-10T15:00:00+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-your-job-is-to-make-cybersecurity-simple www.secnews.physaphae.fr/article.php?IdArticle=2462047 False None None None CybeReason - Vendor blog “As a woman...” I haven't really used that phrase for very long. Eight years ago, I came out as a transgender woman, very late in life. And even today I find myself fighting forty years of my own preconceived notions of what I had to be in order to say those words. ]]> 2021-03-10T14:00:00+00:00 https://www.cybereason.com/blog/international-womens-day-win-as-one-takes-true-commitment-to-diversity www.secnews.physaphae.fr/article.php?IdArticle=2461774 False None None None CybeReason - Vendor blog Having worked in Human Resources my entire career, the notion of Culture Fit  became near and dear to me throughout my career. Leadership teams would comment on needing to hire those who were a Culture Fit, hiring managers would request it, and recruiters would screen hundreds of candidates to try to ensure the people they presented truly fit the company's culture. ]]> 2021-03-09T15:00:00+00:00 https://www.cybereason.com/blog/international-womens-day-culture-add-over-culture-fit-as-a-catalyst-for-diversity www.secnews.physaphae.fr/article.php?IdArticle=2456582 False Guideline None None CybeReason - Vendor blog Cybereason is pleased to announce a strategic partnership with Bechtle AG to facilitate expansion across the DACH region of Germany, Austria and Switzerland to better protect enterprises against sophisticated cyber attacks on endpoints and everywhere in their networks.]]> 2021-03-09T14:00:00+00:00 https://www.cybereason.com/blog/cybereason-expands-in-the-dach-region www.secnews.physaphae.fr/article.php?IdArticle=2456381 False None None None CybeReason - Vendor blog SolarWinds supply chain attacks, organizations are again scrambling to assess the impact of a recently disclosed attack attributed to the Chinese state-sponsored HAFNIUM APT group that targets vulnerabilities in Microsoft Exchange servers with two zero-day exploits. Perhaps it's time we accept that there's a war going on, and that this war is being fought on the backs of commercial companies who are targeted by sophisticated, military-grade offensive campaigns.]]> 2021-03-08T20:27:29+00:00 https://www.cybereason.com/blog/hafnium-and-solarwinds-attacks-highlight-lack-of-accountability www.secnews.physaphae.fr/article.php?IdArticle=2453255 False None None None CybeReason - Vendor blog Rewind to 2012: Sheryl Sandberg's Lean In had just been published, pushing women to stop sitting back and start taking more risks. Amy Cuddy had just come out with her “Power Pose” TED Talk telling women that posing like Superwoman for two minutes can make you feel more powerful. ]]> 2021-03-08T14:00:00+00:00 https://www.cybereason.com/blog/international-womens-day-ubu-and-lead-like-a-girl www.secnews.physaphae.fr/article.php?IdArticle=2451321 False Guideline None None CybeReason - Vendor blog Bob Bigman, former CISO for the CIA, simplifies the conversation by slaughtering some of the industry's most sacred cows like risk tolerance as a key driver for security programs - check it out…]]> 2021-03-04T14:00:00+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-and-other-useless-security-constructs www.secnews.physaphae.fr/article.php?IdArticle=2433541 False None None None CybeReason - Vendor blog On June 28th, 2017, millions of Ukrainians were celebrating Constitution Day. Their national holiday turned into a nightmare, as tens of thousands of computers all over the country were infected by mysterious malware. By that afternoon, the cyber-pandemic was already going global.]]> 2021-03-03T14:00:00+00:00 http://www.cybereason.com/blog/malicious-life-podcast-inside-notpetya-ransomware-part-1 www.secnews.physaphae.fr/article.php?IdArticle=2428397 False None NotPetya None CybeReason - Vendor blog Top-tier defender Keith Barros of Seton Hall University discusses the successes SHU has achieved with a deployment of Cybereason solutions to secure endpoints and ramp-up students to Level1 Analyst level performance.]]> 2021-03-02T14:29:11+00:00 https://www.cybereason.com/blog/defender-spotlight-keith-barros-seton-hall-university www.secnews.physaphae.fr/article.php?IdArticle=2422701 False None None None CybeReason - Vendor blog The CISO must interact with many different groups within the company. These groups differ in the amount of business acumen and technical depth necessary. The CISO must have self-awareness of how to approach each of these different types of stakeholders, as well as ensuring appropriate self-care is taken to limit burnout, stress and anxiety.]]> 2021-03-01T14:00:00+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-without-building-a-ciso-eq-you-may-be-on-your-own www.secnews.physaphae.fr/article.php?IdArticle=2416911 False None None None CybeReason - Vendor blog Eric Schmidt (CEO Google 2001-2007) famously noted that his company's policy was to get 'right up to the creepy line and not cross it.' The closer an organization can get to this imaginary line, the greater the profit maximization. When does this become an invasion of privacy? ]]> 2021-02-25T14:00:00+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-doing-privacy-right-vs.-doing-privacy-rights www.secnews.physaphae.fr/article.php?IdArticle=2398195 False None None None CybeReason - Vendor blog The SolarWinds supply chain attacks aren't out of the news yet - not by a longshot. Now is when we're starting to see the U.S. government implement changes in response to the incident.]]> 2021-02-24T14:00:00+00:00 https://www.cybereason.com/blog/more-money-wont-prevent-the-next-solarwinds-but-better-detection-strategies-will www.secnews.physaphae.fr/article.php?IdArticle=2392718 False None None None CybeReason - Vendor blog Cybereason is pleased to announce further expansion in North America with the addition of cybersecurity leaders Abigail Maines as Vice President of Commercial and Channel Sales, Stephan Tallent as Vice President of Managed Security Services Providers, and Ahmed Saleh as Vice President of Incident Response Services. ]]> 2021-02-23T14:05:00+00:00 https://www.cybereason.com/blog/cybereason-accelerates-north-american-expansion-with-strategic-hires www.secnews.physaphae.fr/article.php?IdArticle=2388046 False Guideline None None CybeReason - Vendor blog SCM Insurance Services has been supporting the insurance and risk management community for more than 30 years with over 200 locations and over 3,000 employees across North America providing claims adjusting, third-party administration (TPA), risk management, investigative, surveillance, risk mitigation, medical services, forensic services (accounting/engineering), and risk intelligence. ]]> 2021-02-23T14:00:00+00:00 https://www.cybereason.com/blog/case-study-scm-insurance-services-finds-true-partnership-cybereason www.secnews.physaphae.fr/article.php?IdArticle=2388047 False None None None CybeReason - Vendor blog Ransomware has been the scourge of businesses for some time now, and it doesn't seem that there is an end in sight where the impact to business is concerned.]]> 2021-02-22T13:45:00+00:00 https://www.cybereason.com/blog/ransomware-attacks-remain-persistent-and-pervasive www.secnews.physaphae.fr/article.php?IdArticle=2382445 False None None None CybeReason - Vendor blog Kia Motors America stated that a ransomware attack was not the apparent cause of an extended systems outage affecting the automobile dealer's IT systems. It all started with an error message…]]> 2021-02-19T13:40:58+00:00 https://www.cybereason.com/blog/kia-motors-america-ransomware-not-behind-extended-systems-outage www.secnews.physaphae.fr/article.php?IdArticle=2371058 False Ransomware None None CybeReason - Vendor blog Cybereason is pleased to announce a partnership with Oxygen DMCC, the Dubai-based leader in AI-powered cybersecurity and mobility solutions, enabling enterprises across the Middle East and North Africa (MENA) to detect and end cyber attacks on endpoints anywhere on their networks.]]> 2021-02-18T14:00:00+00:00 https://www.cybereason.com/blog/cybereason-expands-middle-east-and-north-africa-presence-with-dubais-oxygen www.secnews.physaphae.fr/article.php?IdArticle=2365874 False Guideline None None CybeReason - Vendor blog It seems likely that legislation alone won't be able to regulate the widespread use of facial recognition. However, placing AI in the hands of law enforcement or the government does have its dangers due to the limitations of the technology itself and the biases of the officers who use it.]]> 2021-02-17T20:19:15+00:00 https://www.cybereason.com/blog/malicious-life-podcast-inside-clearview-ai-facial-recognition-0-0 www.secnews.physaphae.fr/article.php?IdArticle=2362649 False None None None CybeReason - Vendor blog An international law firm attributed a data breach to a compromise at a cloud solutions company that provides file-sharing services. According to the Wall Street Journal, a threat actor claimed to have stolen data from global law firm Jones Day and published that information on the dark web.]]> 2021-02-17T18:35:26+00:00 https://www.cybereason.com/blog/global-law-firm-attributes-data-breach-to-compromise-at-file-sharing-provider www.secnews.physaphae.fr/article.php?IdArticle=2362105 False Data Breach,Threat None None CybeReason - Vendor blog The Cybersecurity Coalition's Ari Schwartz brings us up to date on some of the organization's initiatives and then dives into some of the challenges SLED defenders are facing in trying to do more with less…]]> 2021-02-17T14:00:00+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-telling-scary-stories-to-the-board-stop.-heres-why-0 www.secnews.physaphae.fr/article.php?IdArticle=2360453 False None None None CybeReason - Vendor blog The NetWalker ransomware has been one of the most notorious ransomware families over the course of the past year, targeting organizations in the US and Europe including several healthcare organizations, despite several known threat actors publicly claiming to abstain from targeting such organizations due to COVID-19.]]> 2021-02-16T13:00:00+00:00 https://www.cybereason.com/blog/cybereason-vs.-netwalker-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2354971 False Ransomware,Threat None None CybeReason - Vendor blog This is the inaugural blog for our new series, The Cybereason Difference. Each post will explore a unique way that Cybereason empowers defenders. For this post, we decided to take a look at some of the reasons why we often get notes from our customers to the effect of, “I'm having fun watching our pentesters get frustrated over and over again as they attempt to bypass Cybereason - literally throwing the kitchen sink at it to no avail!”]]> 2021-02-15T14:00:00+00:00 https://www.cybereason.com/blog/the-cybereason-difference-why-pentesters-dont-want-to-be-our-valentine www.secnews.physaphae.fr/article.php?IdArticle=2349424 False None None None CybeReason - Vendor blog CISOs today have varied tenures at organizations depending upon their ability to master learning the business of the organization. Enjoy this podcast with special guest Mischel Kwon to learn how to translate information security technical issues into a business-focused language and determine the right amount of technical language to share with executives…]]> 2021-02-12T19:59:42+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-telling-scary-stories-to-the-board-stop.-heres-why- www.secnews.physaphae.fr/article.php?IdArticle=2338002 False None None None CybeReason - Vendor blog There are plenty of reasons why law enforcement should use AI for facial recognition - after all, humans are notoriously bad eye witnesses. However, placing AI in the hands of law enforcement does have its dangers due to the limitations of the technology itself and the biases of the officers who use it.]]> 2021-02-12T14:43:04+00:00 https://www.cybereason.com/blog/malicious-life-podcast-inside-clearview-ai-facial-recognition-0 www.secnews.physaphae.fr/article.php?IdArticle=2336833 False None None None CybeReason - Vendor blog Targeted attacks are increasingly taking aim at multiple users and devices simultaneously as well as leveraging a wider range of tactics, techniques and procedures. ]]> 2021-02-10T14:00:00+00:00 https://www.cybereason.com/blog/the-cybereason-malop-achieving-operation-centric-security www.secnews.physaphae.fr/article.php?IdArticle=2324222 False None None None CybeReason - Vendor blog A cyberattacker attempted to poison a Florida municipality's water supply by breaking into the city's water treatment plant systems. On February 5, an operator at the water treatment plant for the City of Oldsmar in Pinellas County noticed someone controlling his mouse. The operator didn't think much of the activity at first, reported WTSP-TV.]]> 2021-02-09T16:21:37+00:00 https://www.cybereason.com/blog/attacker-tries-to-poison-florida-citys-water-supply www.secnews.physaphae.fr/article.php?IdArticle=2318890 False None None None CybeReason - Vendor blog An attacker group published information stolen from two healthcare service providers in a reported attempt to extort them for money. On February 5, NBC News reported that a well-known ransomware group had published tens of thousands of files to a data leaks website on the dark web. Among those files were scanned diagnostic results, letters to health insurers and a folder containing background checks on employees.]]> 2021-02-08T18:47:37+00:00 http://www.cybereason.com/blog/extortionists-publish-data-stolen-from-two-healthcare-service-providers www.secnews.physaphae.fr/article.php?IdArticle=2313571 False Ransomware None None CybeReason - Vendor blog An exploit attack occurs when a malicious actor takes advantage of a software vulnerability to penetrate and then damage or steal information from a computer system. One feature that Cybereason provides to protect users from exploit attacks is our Exploit Protection. The following is a quick rundown of some of the key terms for understanding exploit attacks.]]> 2021-02-04T14:00:00+00:00 https://www.cybereason.com/blog/the-security-value-of-exploit-protection www.secnews.physaphae.fr/article.php?IdArticle=2293977 False Vulnerability None None CybeReason - Vendor blog Cybereason is pleased to announce that Cybereason XDR was named one of the hottest new cybersecurity products of 2020 by CRN. With Cybereason XDR, defenders can pinpoint, understand and end any Malop™ (malicious operation) across the entire IT stack whether on-premises, mobile or in the cloud. ]]> 2021-02-04T13:05:00+00:00 https://www.cybereason.com/blog/cybereason-xdr-dubbed-hottest-new-cybersecurity-product-by-crn www.secnews.physaphae.fr/article.php?IdArticle=2293718 False None None None CybeReason - Vendor blog Clearview AI scrapes billions of images off social media and the open web, applies facial recognition algorithms on them, and sells that data to law enforcement agencies all over the world. But who are the people behind this secretive company, and what did a breach into its databases reveal?]]> 2021-02-03T16:08:52+00:00 https://www.cybereason.com/blog/malicious-life-podcast-inside-clearview-ai-facial-recognition www.secnews.physaphae.fr/article.php?IdArticle=2289892 False None None None CybeReason - Vendor blog Approximately one-third of organizations affected by the SolarWinds supply chain attacks weren't actually running the IT management company's affected software.]]> 2021-02-03T14:42:59+00:00 https://www.cybereason.com/blog/nearly-one-third-of-attack-targets-werent-running-solarwinds www.secnews.physaphae.fr/article.php?IdArticle=2289368 False None None None CybeReason - Vendor blog The daily drumbeat of data spills, breaches, and thefts can foster breach fatigue, apathy, and cynicism among even the hardiest security professionals. What sets in is a suspicion that all our efforts are for naught, and that we are perpetually a step behind the bad guys. ]]> 2021-02-02T21:07:01+00:00 https://www.cybereason.com/blog/webinar-krebs-curry-and-cyber-security www.secnews.physaphae.fr/article.php?IdArticle=2286133 False None None None CybeReason - Vendor blog The United Kingdom's National Health Service (NHS) warned that scammers are in the process of sending out fake COVID-19 vaccine invitations. On January 25th, Urology Cancer Research & Education (UCARE) Oxford reached out to the NHS on Twitter and shared an image of one such fake invitation that it had received.]]> 2021-02-01T14:00:00+00:00 https://www.cybereason.com/blog/nhs-warns-of-new-covid-19-vaccine-related-phishing-campaigns www.secnews.physaphae.fr/article.php?IdArticle=2278857 False None None None CybeReason - Vendor blog Law enforcement entities and judicial authorities located around the world succeeded in disrupting the Emotet botnet's infrastructure through a coordinated takedown effort.]]> 2021-01-28T17:55:04+00:00 https://www.cybereason.com/blog/emotet-botnet-infrastructure-disrupted-in-international-takedown www.secnews.physaphae.fr/article.php?IdArticle=2261507 False None None None CybeReason - Vendor blog National Privacy Day is a time to look at the current state of privacy and to set the direction and tone for the future. On January 28, 2021, let's stop and think not just about the minimum requirements of privacy legislation but rather about the world we're building and handing to our children. ]]> 2021-01-28T14:00:00+00:00 https://www.cybereason.com/blog/sam-curry-on-the-real-privacy-mandate www.secnews.physaphae.fr/article.php?IdArticle=2259977 False None None None CybeReason - Vendor blog Cybereason, the leader in future ready attack protection, is pleased to announce a partnership with Ensign InfoSecurity , one of the Asia Pacific's largest pure-play cybersecurity firms, to expand the suite of cybersecurity solutions and services that Ensign offers to protect its Asia Pacific customers from the evolving cyber threats. ]]> 2021-01-28T13:05:00+00:00 https://www.cybereason.com/blog/cybereason-partners-with-ensign-to-provide-managed-detection-and-response-services-in-apac www.secnews.physaphae.fr/article.php?IdArticle=2259701 False Guideline None 5.0000000000000000 CybeReason - Vendor blog I've talked about the SolarWinds Supply Chain Attacks recently more than you'd care to know over the past month or so (just ask anyone who knows me), with key points from a few of the discussions making their way into the public sphere here and here.]]> 2021-01-27T14:30:00+00:00 https://www.cybereason.com/blog/solarwinds-attacks-highlight-advantage-of-indicators-of-behavior-for-early-detection www.secnews.physaphae.fr/article.php?IdArticle=2253047 False None None None CybeReason - Vendor blog Research by: Daniel Frank]]> 2021-01-26T14:00:00+00:00 https://www.cybereason.com/blog/cybereason-vs.-ransomexx-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2246536 True Ransomware None None CybeReason - Vendor blog It is true in general that technology is always changing, and the threat landscape is constantly evolving, but 2020 has amplified the cybersecurity challenge. Organizations of all sizes and across all industries already struggled to effectively manage risk and cyber resilience, but the global pandemic of COVID-19 has introduced a sudden and dramatic shift that tips the playing field in favor of attackers and exacerbates the task. ]]> 2021-01-25T14:44:34+00:00 https://www.cybereason.com/blog/wipros-state-of-cybersecurity-report-reveals-valuable-insights www.secnews.physaphae.fr/article.php?IdArticle=2242115 False Threat None None CybeReason - Vendor blog President Donald Trump signed an executive order to prevent foreign malicious cyber actors from misusing United States Infrastructure as a Service (IaaS) products. In the executive order, dated January 19, President Trump explained that foreign malicious cyber actors were using IaaS products made in the United States to aid their efforts in stealing sensitive information as well as targeting U.S. critical infrastructure:]]> 2021-01-22T14:00:00+00:00 https://www.cybereason.com/blog/last-hurrah-executive-order-to-protect-iaas-platforms-from-malicious-actors www.secnews.physaphae.fr/article.php?IdArticle=2230322 False None None None CybeReason - Vendor blog We're still learning the full extent of the SolarWinds supply chain attacks. On January 11, for instance, researchers published a technical breakdown of a malicious tool detected as SUNSPOT that was employed as part of the infection chain involving the IT management software provider's Orion platform. ]]> 2021-01-21T14:08:16+00:00 https://www.cybereason.com/blog/solarwinds-attacks-highlight-importance-of-operation-centric-approach www.secnews.physaphae.fr/article.php?IdArticle=2225390 False Tool Solardwinds,Solardwinds None CybeReason - Vendor blog Cybereason and SYNNEX Corporation are pleased to announce a strategic agreement that enables SMBs and Enterprises to detect and end cyber attacks on endpoints anywhere on their networks.]]> 2021-01-13T14:00:00+00:00 https://www.cybereason.com/blog/cybereason-and-synnex-corporation-partner-to-end-cyber-attacks www.secnews.physaphae.fr/article.php?IdArticle=2182383 False None None None CybeReason - Vendor blog Research by: Lior Rochberger]]> 2021-01-12T14:03:32+00:00 https://www.cybereason.com/blog/cybereason-vs.-conti-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2176225 True Ransomware None None CybeReason - Vendor blog Ransomware can literally put organizations and lives at risk, as witnessed in 2020 with the continuous onslaught of attacks against the healthcare industry, research organizations working on COVID-19 vaccines, telecommunication centers, financial institutions, the public sector and companies across every industry vertical.]]> 2021-01-11T21:35:00+00:00 https://www.cybereason.com/blog/cybereason-and-intel-introduce-hardware-enabled-ransomware-protections-for-businesses www.secnews.physaphae.fr/article.php?IdArticle=2173099 False Ransomware None None CybeReason - Vendor blog In the middle of December, IT management software provider SolarWinds revealed in a security advisory that it had fallen victim to a sophisticated supply chain attack. The offensive involved the placement of a backdoor known as SUNBURST into versions 2019.4 HF 5, 2020.2 with no hotfix installed and 2020.2 HF 1 of the company's Orion Platform software. If executed, SUNBURST allowed an attacker to compromise the server running the Orion build.]]> 2021-01-05T19:42:44+00:00 https://www.cybereason.com/blog/contextualizing-microsofts-source-code-exposure-in-the-solarwinds-attacks www.secnews.physaphae.fr/article.php?IdArticle=2146483 False None Solardwinds,Solardwinds None CybeReason - Vendor blog We spent some time with Israel Barak, Chief Information Security Officer at Cybereason, who discussed some of the challenges of running a world-wide SOC remotely during the pandemic - check it out...]]> 2021-01-04T13:30:00+00:00 http://www.cybereason.com/blog/ever-evolving-israel-barak-on-running-remote-soc-ops www.secnews.physaphae.fr/article.php?IdArticle=2143744 False None None None CybeReason - Vendor blog Research by: Daniel Frank]]> 2020-12-24T13:00:00+00:00 https://www.cybereason.com/blog/amazon-gift-card-offer-serves-up-dridex-banking-trojan www.secnews.physaphae.fr/article.php?IdArticle=2124560 False None None 4.0000000000000000 CybeReason - Vendor blog Research by: Daniel Frank]]> 2020-12-23T14:00:00+00:00 https://www.cybereason.com/blog/cybereason-vs.-clop-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2122685 False Ransomware None None CybeReason - Vendor blog On December 13, 2020, IT infrastructure management provider SolarWinds issued a Security Advisory regarding their SolarWinds Orion Platform after experiencing a “highly sophisticated” supply chain attack. The activity is reported to have begun as early as Spring 2020, as reported by researchers from security firm FireEye.]]> 2020-12-22T21:14:06+00:00 https://www.cybereason.com/blog/cybereason-vs-solarwinds-supply-chain-attack www.secnews.physaphae.fr/article.php?IdArticle=2121357 False None Solardwinds None CybeReason - Vendor blog 2020 kicked off with a bang, literally, as General Soleimani was killed less than a week into the year. This had immediate repercussions with simple website defacements by minor actors ideologically aligned with Iran and concerns of cyber escalations.]]> 2020-12-22T14:00:00+00:00 https://www.cybereason.com/blog/2021-security-crystal-ball-trends-and-predictions-for-the-year-ahead www.secnews.physaphae.fr/article.php?IdArticle=2120304 False None None None CybeReason - Vendor blog The sudden transition to remote work brought on by the pandemic resulted in many companies ensuring employees had the necessary tools to work remotely. However, that left little focus on the rising security risks that come with home networks and endpoints.]]> 2020-12-21T04:08:43+00:00 https://www.cybereason.com/blog/cybereason-and-oracle-team-up-for-security-at-scale-from-the-endpoint-to-the-cloud www.secnews.physaphae.fr/article.php?IdArticle=2116079 False None None None CybeReason - Vendor blog As we hurtle towards the end of 2020, the only constant we can come to expect is change itself. We're pressed on two sides: our corporate IT environments continue to change, and attackers are more persistent and explosive than ever. While it is possible to secure a modern, distributed, multi-cloud environment, it feels out of reach for most security teams. Between data lake management, detection and rules tuning, and repetitive response actions, it's challenging to architect, build, and maintain -- and of course prove that it's making the business safer.]]> 2020-12-18T18:16:30+00:00 https://www.cybereason.com/blog/impact-of-xdr-on-the-modern-soc-new-esg-report www.secnews.physaphae.fr/article.php?IdArticle=2110856 False None None None CybeReason - Vendor blog Security researchers observed a politically motivated APT called “Molerats” using three new malware variants to conduct espionage in the Middle East.]]> 2020-12-15T18:11:05+00:00 https://www.cybereason.com/blog/molerats-apt-new-malware-and-techniques-in-middle-east-espionage-campaign www.secnews.physaphae.fr/article.php?IdArticle=2103065 False Malware None None CybeReason - Vendor blog By now, you've probably heard: On December 13, Reuters reported that malicious actors had gone after both the U.S. Department of Treasury and the U.S. Department of Commerce. The National Security Council met at the White House on December 12 to talk things over. A day later, U.S. officials indicated that they had asked CISA and the FBI to look into what had happened.]]> 2020-12-14T21:47:12+00:00 https://www.cybereason.com/blog/the-solarwinds-supply-chain-attack-and-the-limits-of-cyber-hygiene www.secnews.physaphae.fr/article.php?IdArticle=2101518 False None None None CybeReason - Vendor blog We spent some time with Jake Williams - founder and President at Rendition Infosec and SANS Instructor - discusses some of the challenges in remotely running a successful infosec consultancy - check it out...]]> 2020-12-14T14:30:00+00:00 https://www.cybereason.com/blog/ever-evolving-jake-williams-on-running-an-infosec-consultancy-remotely www.secnews.physaphae.fr/article.php?IdArticle=2100721 False None None None CybeReason - Vendor blog Ryuk ransomware has been infecting victims since around 2018, and is believed to be based on the source code of Hermes ransomware, which was sold on an internet hacking forum back in 2017. Since its inception, Ryuk has been used to target large organizations to great effect, having accumulated as much as $61.26 million (as of Feb 2020) in ransom payments according to federal investigations. ]]> 2020-12-10T16:00:31+00:00 https://www.cybereason.com/blog/cybereason-vs.-ryuk-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2089455 False Ransomware None None CybeReason - Vendor blog The Cybereason Nocturnus Team has identified an active espionage campaign employing three previously unidentified malware variants that use Facebook, Dropbox, Google Docs and Simplenote for command & control and the exfiltration of data from targets across the Middle East. The full report can be downloaded here (ungated).]]> 2020-12-09T02:00:00+00:00 https://www.cybereason.com/blog/new-malware-arsenal-abusing-cloud-platforms-in-middle-east-espionage-campaign www.secnews.physaphae.fr/article.php?IdArticle=2086087 False Malware None None CybeReason - Vendor blog We spent some time with Katie Nickels - current Director of Intelligence at Red Canary and formerly MITRE ATT&CK Threat Intelligence Lead - to discuss applied threat intelligence, prioritizing threats for impact, and working incident response in remote environments - check it out...]]> 2020-12-07T20:46:46+00:00 https://www.cybereason.com/blog/ever-evolving-katie-nickels-on-incident-response-in-a-remote-world www.secnews.physaphae.fr/article.php?IdArticle=2083469 False Threat,Guideline APT 15 None CybeReason - Vendor blog Join us for an hour-long panel on the intricacies of XDR and how it will affect the security industry. Learn what XDR is, specific use cases, and how security practitioners can easily integrate this new technology into their security stack.]]> 2020-12-04T18:23:59+00:00 https://www.cybereason.com/blog/is-xdr-the-next-silver-bullet www.secnews.physaphae.fr/article.php?IdArticle=2077620 False None None None CybeReason - Vendor blog When I chose a career in B2B marketing I'm not sure I ever imagined I'd be a part of a team that spent weeks architecting intricate owl wings and razor-sharp talons, but here we are. While 2020 has been filled with many challenging surprises, this was a great one for me. And because we are driven by the mission of defending together, today we released a video of what it took to bring our new league of animated owls to life. But first, some history of the owl + Cybereason.]]> 2020-12-04T10:00:00+00:00 https://www.cybereason.com/blog/meet-the-league-of-defenders www.secnews.physaphae.fr/article.php?IdArticle=2076773 False None None None CybeReason - Vendor blog In mid-2020, the Cybereason Research Team detected an active campaign that targeted Brazilian customers of MercadoLivre, one of the largest e-commerce platforms in Latin America.]]> 2020-12-02T14:30:00+00:00 https://www.cybereason.com/blog/ensuring-digital-safety-and-security-this-holiday-season www.secnews.physaphae.fr/article.php?IdArticle=2072251 False None None None CybeReason - Vendor blog We spent some time with Rachel Tobac discussing techniques, awareness and training for organizations seeking to limit the risk from one of the most difficult security threats to counter - social engineering attacks - check it out...]]> 2020-11-30T14:30:00+00:00 https://www.cybereason.com/blog/ever-evolving-rachel-tobac-talks-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=2067438 False None None None CybeReason - Vendor blog Research by: Lior Rochberger]]> 2020-11-26T01:51:59+00:00 https://www.cybereason.com/blog/cybereason-vs-egregor-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2056103 False Ransomware None None CybeReason - Vendor blog Cybereason is pleased to announce we were named one of the Top Places to Work in 2020 by The Boston Globe, which recognizes the most admired workplaces in the state voted on by the people who know them best-their employees. The survey measures employee opinions about their company's direction, execution, connection, management, work, pay and benefits, and engagement.]]> 2020-11-23T19:15:34+00:00 https://www.cybereason.com/blog/the-boston-globe-recognizes-cybereason-as-a-top-place-to-work-in-2020 www.secnews.physaphae.fr/article.php?IdArticle=2051510 False None None None CybeReason - Vendor blog Cybereason CSO Sam Curry shares insights on tackling tough security challenges from a strategic perspective as well as from the point of view of a leader of security operations teams working tirelessly to reverse the adversary advantage and return the high ground to the defenders.]]> 2020-11-23T17:57:58+00:00 https://www.cybereason.com/blog/ever-evolving-cybereason-cso-sam-curry-on-security-and-leadership www.secnews.physaphae.fr/article.php?IdArticle=2051403 False Guideline None None CybeReason - Vendor blog Research by: Tom Fakterman and Assaf Dahan]]> 2020-11-19T16:19:51+00:00 https://www.cybereason.com/blog/medusalocker-ransomware www.secnews.physaphae.fr/article.php?IdArticle=2044911 False Ransomware None None CybeReason - Vendor blog If 2020 has taught us anything, it is to expect the unexpected. The global pandemic has shown that people have heart and are very resilient in the face of adversity. For cyber criminals, 2020 year has been one of the most profitable in history, as we have seen a massive uptick in cyber-related criminal activity, scams and fraud. ]]> 2020-11-18T19:59:10+00:00 https://www.cybereason.com/blog/buyer-beware-tips-for-secure-online-shopping-during-the-holidays www.secnews.physaphae.fr/article.php?IdArticle=2042882 False None None None CybeReason - Vendor blog The Cybereason Nocturnus Team has identified an active campaign targeting customers of a larger e-commerce platform with newly identified multi-stage malware that evades antivirus tools dubbed Chaes. ]]> 2020-11-18T04:15:00+00:00 https://www.cybereason.com/blog/novel-chaes-malware-underscores-heightened-e-commerce-risk-this-holiday-season www.secnews.physaphae.fr/article.php?IdArticle=2041387 False Malware None None CybeReason - Vendor blog Not long ago we were fortunate to grab some time with Steph Ihezukwu who shared her insights and observation on everything from diversity in tech to how to collaborate with teams in the age of remote work and heightened security concerns - check it out...]]> 2020-11-16T13:30:00+00:00 https://www.cybereason.com/blog/ever-evolving-stephanie-ihezukwu-on-managing-security-remotely www.secnews.physaphae.fr/article.php?IdArticle=2038162 False None None None CybeReason - Vendor blog Today's targeted attacks increasingly take aim at multiple devices and users simultaneously while employing a range of tactics, techniques and procedures (TTPs). Defenders are forced to work in silos, employing disparate tools on each type of asset -- one solution for endpoint, another for cloud, a third for mobile and fourth to look at cloud identities.]]> 2020-11-11T04:30:00+00:00 https://www.cybereason.com/blog/cybereason-xdr-delivering-future-ready-attack-protection-beyond-the-endpoint www.secnews.physaphae.fr/article.php?IdArticle=2028466 False None None None CybeReason - Vendor blog Cybereason was established with an offensive mindset as the foundation of the company's approach to developing future-ready defensive products and solutions because it takes a deeper understanding of the attacker's perspective to create game changing technologies that work to reverse the adversary advantage and return the high ground to the defenders.]]> 2020-11-09T18:19:07+00:00 https://www.cybereason.com/blog/ever-evolving-yonatan-striem-amit-on-handling-breaches-while-remote-author-allie-mellen www.secnews.physaphae.fr/article.php?IdArticle=2025318 False None None None CybeReason - Vendor blog A few months ago, we were lucky enough to grab some time with Tanya Janca to discuss some key issues around security in times of crisis. Tanya has more than twenty years of experience in the security industry, and we're so fortunate to have her join us for the series - check it out...]]> 2020-11-02T14:00:00+00:00 https://www.cybereason.com/blog/ever-evolving-tanya-janca-on-application-security-challenges www.secnews.physaphae.fr/article.php?IdArticle=2010601 False None None None CybeReason - Vendor blog Research by: Assaf Dahan, Lior Rochberger, Daniel Frank and Tom Fakterman]]> 2020-11-02T05:00:00+00:00 https://www.cybereason.com/blog/back-to-the-future-inside-the-kimsuky-kgh-spyware-suite www.secnews.physaphae.fr/article.php?IdArticle=2009739 False None None None CybeReason - Vendor blog On October 29, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) published a joint alert with the Federal Bureau of Investigations (FBI) and the Department of Health and Human Services (HHS). In it, the organizations claimed to “have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” CISA, the FBI and HHS attributed the threat to the digital criminal enterprise behind TrickBot, malware which is capable of targeting victims with ransomware.]]> 2020-10-30T19:55:19+00:00 https://www.cybereason.com/blog/law-enforcement-warns-of-imminent-ransomware-threat-to-u.s.-hospitals www.secnews.physaphae.fr/article.php?IdArticle=2005115 False Ransomware,Malware,Threat None None CybeReason - Vendor blog The FBI, DHS, and HHS are warning of imminent Ryuk ransomware attacks targeting hospitals in the US. The story is being covered broadly by the industry media, including  Krebs and various media outlets.]]> 2020-10-30T10:54:33+00:00 https://www.cybereason.com/blog/ryuk-ransomware-mitigation-and-defense www.secnews.physaphae.fr/article.php?IdArticle=2003888 False Ransomware None None CybeReason - Vendor blog When I went back into the workforce after my last degree in 1996, I made a big leap and returned to Canada to join a small team of passionate people in a brand new company called Signal 9 Solutions. I packed my bags and headed to the village of Ashton, Station Ontario not far from Ottawa, where thanks to my friend (and boss) Phil Attfield, I had a bed in Phil's basement, which had just flooded to due a thaw and snap freeze; I drove a green-minded, propane power Chrysler K-car with AM-only radio. This was the dream if you can believe it a quarter century later.]]> 2020-10-29T18:09:04+00:00 https://www.cybereason.com/blog/heart-of-cyber-darkness-how-i-became-a-defender www.secnews.physaphae.fr/article.php?IdArticle=2002758 False None None None CybeReason - Vendor blog At Cybereason, we ask defenders to place their trust in us to protect their valuable assets, and in return we believe we owe them a level of accountability worthy of that trust. As an affirmation of our commitment to our customers and the confidence we have in the effectiveness of our platform, we are pleased to announce the Cybereason Breach Protection Warranty (PDF), which provides up to $1 Million in coverage in the event of a breach. ]]> 2020-10-28T03:24:21+00:00 https://www.cybereason.com/blog/cybereasons-commitment-to-defenders-now-backed-by-1-million-breach-protection-warranty www.secnews.physaphae.fr/article.php?IdArticle=1999952 False None None None