Malicious Life Podcast: The Untold Story of the RSA Breach Part 1

In March of 2011, security vendor RSA was the target of an attack that compromised sensitive data related to the company’s flagship SecurID product. The solution was in use by thousands of high-profile clients around the world, including the U.S….

DarkSide Gang and the New Golden Age of Piracy

Late on Friday May 7, 2021, Colonial Pipeline, the company that runs the largest gasoline pipeline in the US, shut down operations following a ransomware attack on their systems. It later emerged that a relatively new ransomware-as-a-service crimi…

Inside the DarkSide Ransomware Attack on Colonial Pipeline

On May 8, the Colonial Pipeline Company announced that it had fallen victim to a ransomware attack a day earlier. The pipeline operations include transporting 100 million gallons of fuel daily to meet the needs of consumers across the entire easte…

Malicious Life Podcast: China’s Unrestricted Cyberwarfare Part 1

Back in the 1990s, cyberwarfare was a word rarely used in the West – and definitely unheard of in China, which was just taking its first steps on the Internet. Two Chinese military officers, veterans of the semi-conflict with Taiwan, helped shape …

100 Days Down, 1,360 Days of Nation-State Cybersecurity Threats to Go

This week marks the milestone of the Biden Administration’s first 100 days. It is somewhat arbitrary to expect an incoming president to achieve significant progress in just 100 days, or to judge success or failure based on such a small span of tim…

PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector

The Cybereason Nocturnus Team has been tracking recent developments in the RoyalRoad weaponizer, also known as the 8.t Dropper/RTF exploit builder. Over the years, this tool has become a part of the arsenal of several Chinese-related threat actors…

Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities

Recently, the Cybereason Nocturnus Team responded to several incident response (IR) cases involving infections of the Prometei Botnet against companies in North America, observing that the attackers exploited recently published Microsoft Exchange …

MITRE ATT&CK: Cybereason Dominates the Competition

The long-awaited 2020 MITRE ATT&CK evaluations are out! With the MITRE ATT&CK framework now being the standard by which Defenders can measure the effectiveness of various solutions in tracking adversary behavior, cyber vendors are cherry-p…

Five Clear Steps to Enhance SecOps with MITRE ATT&CK

A skyrocketing number of alerts, limited security talent, and millions of new malware strains daily have made security a seemingly insurmountable task.