Former Mandiant exec tapped to run CTIIC, ODNI’s cyber threat intelligence center

Laura Galante comes to the role after several years of running her own cybersecurity firm. The Ukrainian government was one of her clients.

The post Former Mandiant exec tapped to run CTIIC, ODNI’s cyber threat intelligence center appeared first on CyberScoop.


Red Cross Hack Linked to Iranian Influence Operation?

A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran.

Trellix, McAfee, FireEye, Mandiant: What’s next for four big names in cyber

On Jan. 19, the private equity firm that bought FireEye and McAfee Enterprise announced that the two acquisitions would “emerge” to form Trellix, a cybersecurity business with 5,000 employees and 40,000 customers. The goal is to offer “an integrated security platform designed to protect customers across endpoints, infrastructure, applications, and in the cloud,” Trellix officials said. The move also represents some disintegration, as it becomes the latest milestone in a shakeup involving some of the industry’s biggest names. The private equity firm — Silicon Valley-based Symphony Technology Group (STG) — finished its $4 billion acquisition of McAfee Enterprise in July, then bought much of FireEye in a deal that closed in October for $1.2 billion. With those two units forming Trellix, here’s where things stand for the relevant pieces:

Trellix: Bryan Palma, a FireEye executive vice president, is the new company’s CEO. In a Jan. 19 blog post, he […]

The post Trellix, McAfee, FireEye, Mandiant: What’s next for four big names in cyber appeared first on CyberScoop.


McAfee and FireEye integrate with Amazon Inspector to protect data in the cloud

McAfee Enterprise and FireEye released new cloud security capabilities on AWS as well as integration with Amazon Inspector. FireEye Helix behavior analysis and machine-learning Extended Detection & Response (XDR) capabilities combined with Amazon I…

As the holiday season approaches, threats to supply chain, e-commerce and travel soar

During the pandemic, 81% of global organizations experienced increased cyber threats with 79% experiencing downtime due to a cyber incident during a peak season, McAfee and FireEye reveal. 2021 holiday season cyber threats As the 2021 holiday season ap…

Top cybersecurity threats enterprises will face in 2022

McAfee and FireEye released their 2022 Threat Predictions, examining the top cybersecurity threats they predict enterprises will face in 2022. Bad actors have taken note of successful tactics from 2021, including those making headlines tied to ransomware…

State-sponsored Iranian hackers uploaded fake VPN app to Google’s Play store, posed as university officials

Suspected government-backed hackers from Iran have used an array of techniques, from password theft to uploading a fake app to a prominent app marketplace, to try gathering intelligence from targets over the past year, Google said in a bulletin published Thursday. The espionage group APT35, also known as Charming Kitten, last year successfully uploaded to Google’s Play Store an app that masqueraded as a virtual private network service, claiming the tool would safeguard user data. In fact, the apparent VPN program functioned as spyware, collecting call logs, text messages, contacts and location data from affected devices. Google said in an Oct. 14 update that it detected the program “quickly” and removed it before any downloads occurred. The surveillance app marks an update to existing APT35 tactics. The group is best known for reportedly targeting email accounts associated with former President Donald Trump’s election campaign in 2020 and espionage around […]

The post State-sponsored Iranian hackers uploaded fake VPN app to Google’s Play store, posed as university officials appeared first on CyberScoop.


Huntress launches endpoint protection capabilities to defend SMBs from cyberattacks

Huntress launched a series of platform enhancements designed to protect small and midsize businesses (SMBs) from modern cyberthreats. The release includes the general availability of the company’s Managed Antivirus (AV) service, new host isolation capa…

Suspected Chinese hackers masqueraded as Indian government to send COVID-19 phishing emails

An increasingly active Chinese government-linked hacking group impersonated Indian government agencies with phishing lures related to COVID-19 statistics and tax legislation, researchers say. It was the continuation of a campaign that dates to the earliest days of the pandemic, BlackBerry said in a blog post Tuesday. The company tied together several threads of operations by APT41, a joint cyber-espionage and cybercrime organization that investigators have repeatedly tied to Beijing and that BlackBerry said was responsible for the India-themed phishing lures. The permutation targeting India preyed on the same fears that hacking groups began seizing on after the coronavirus outbreak. BlackBerry on Monday didn’t answer questions about the timeframe in which APT41 sent the India-themed lures, what its possible motives were and what industries the emails targeted. “The image we uncovered was that of a state-sponsored campaign that plays on people’s hopes for a swift end to the pandemic as […]

The post Suspected Chinese hackers masqueraded as Indian government to send COVID-19 phishing emails appeared first on CyberScoop.


‘Almost every nation’ now has cyber vulnerability exploitation program, NSA official says

Nearly every country on the planet now has a program to exploit digital vulnerabilities, a top National Security Agency cyber official said Wednesday, and while most are focused on espionage, more are beginning to experiment with more aggressive techniques. Rob Joyce, director of cybersecurity at the NSA, said there’s a lot of focus on China, Iran, North Korea and Russia, but those countries, which he described as the “big four,” are not the only nations weaponizing technology. “Almost every nation in the world now has a cyber exploitation program. The vast majority of those are used for espionage and intelligence purposes,” Joyce said at the Aspen Cyber Summit. “There is interest in dabbling in offensive cyber and outcomes.” Even some smaller nations have proven to be advanced, Joyce said. It’s just that they’re usually more confined in how they pursue their national interests, by things like the amount of money […]

The post ‘Almost every nation’ now has cyber vulnerability exploitation program, NSA official says appeared first on CyberScoop.
