FireEye says hackers stole its red-team tools, suggests state-sponsored group is to blame

FireEye, one of the most influential cybersecurity companies in the world, on Tuesday revealed that it had been breached by a suspected state-sponsored hacking group. FireEye CEO Kevin Mandia said that the FBI and security experts at Microsoft were helping investigate the incident, in which attackers accessed the tools FireEye uses to simulate attacks against clients. “Their initial analysis supports our conclusion that this was the work of a highly sophisticated state-sponsored attacker utilizing novel techniques,” Mandia said in a blog post. Attackers stole so-called red team tools, which security firms use to imitate real-world hacks on behalf of their clients. Such red team tools from a respected firm like FireEye would provide malicious attackers with a kind of roadmap on how to subvert defenses, and breach victims. Mandia said his firm was taking the extraordinary step of developing “more than 300 countermeasures for our customers, and the community at […]

The post FireEye says hackers stole its red-team tools, suggests state-sponsored group is to blame appeared first on CyberScoop.

RangeForce Expands Security Training Cloud Service

RangeForce today unfurled Battle Fortress Cyber Range, a cloud-based service through which red/blue teams can conduct security training using modules and content they can reuse across multiple exercises. Will Munroe, vice president of marketing for Ra…

Protect your employees from phishing and social engineering | NCSAM at Synopsys

It was a busy summer for healthcare IT staff. The Minnesota Department of Human Services potentially breached 21,000 patients’ personal data. Gold Coast Health Plan emailed 37,000 patients to warn them their data had been exposed. And UnityPoint …

Randori enters automated red-teaming scene with $9.75 million seed investment

“Nation-state” hacking is a phrase often used to talk about the scariest cyberthreats out there, but cybersecurity startup Randori is using it to market its platform. The company announced on Thursday that it secured $9.75 million in seed funding for its automated red-teaming services. The Boston-based company says that its platform lets customers launch “nation-state caliber” attacks on their own systems in order to assess their risks and vulnerabilities. Randori stresses that its platform carries out real attacks, not ones in simulated environments, in combination with “continuous reconnaissance.” “Despite massive investments of time and capital, organizations often don’t know where they’re vulnerable until after they’re hit. Simulated environments can’t account for the changing tactics of today’s attacker,” said CEO Brian Hazzard in a press release. Hazzard is a former vice president and founding employee of Carbon Black, an endpoint security company that went public earlier this year. Randori company […]

The post Randori enters automated red-teaming scene with $9.75 million seed investment appeared first on Cyberscoop.

SCYTHE raises $3 million for attack simulation platform

SCYTHE, an Arlington, Va.-based cybersecurity company, announced on Monday that it raised $3 million in seed funding for its automated red-teaming platform. The company's flagship platform allows customers to simulate attack campaigns against their own networks in order to assess their defensive posture. SCYTHE says that its product uses a catalog of threats to “automatically deploy a combination of threat actor communications and end-point capabilities on the production environment.” Enterprises can customize their own adversarial campaigns, then get reports on how well their systems stood up to the threat. Heading SCYTHE is Bryson Bort, a former U.S. Army officer who has worked in various cybersecurity strategy and research and development roles at multiple outfits. Bryson is the co-founder of ICS Village, a nonprofit that educates the public about risks to industrial control systems through live simulations. He also founded and is the chairman of GRIMM, a cybersecurity consultancy. “We’re constantly adding […]

The post SCYTHE raises $3 million for attack simulation platform appeared first on Cyberscoop.

Bring Your Own Land (BYOL) – A Novel Red Teaming Technique

Introduction
One of the most significant recent developments in sophisticated
offensive operations is the use of “Living off the Land” (LotL)
techniques by attackers. These techniques leverage legitimate tools
present on the system, such …

M-Trends 2018

What have incident responders observed and learned from cyber attacks
in 2017? Just as in prior years, we have continued to see the cyber
security threat landscape evolve. Over the past twelve months we have
observed a number of new trends and ch…