About Anthony M. Freed

Anthony M. Freed is the Senior Director of Corporate Communications for Cybereason, and was previously a security journalist who authored feature articles, interviews and investigative reports which have been sourced and cited by dozens of major media outlets. Anthony previously worked as a consultant to senior members of product development, secondary and capital markets from the largest financial institutions in the country, and he had a front row seat to the bursting of the credit bubble.

All posts by Anthony M. Freed

Securing Your Organization’s Digital Transformation with XDR

To Defend Forward means aggressively collecting intelligence about adversaries’ tactics and strengthening proactive resiliency across the organization to make it more costly for adversaries to achieve their objectives...

May 25, 2022 / 4 minute read

Targeted by Ransomware? Here are Three Things to Do Straight Away

The only way organizations can successfully defend against ransomware and RansomOps attacks is to be able to detect them early and end them before any data exfiltration or encryption of critical files and systems can take place...

May 24, 2022 / 4 minute read

Harnessing the Power of AI-Driven XDR

AI/ML is really good at analyzing large data sets with a high degree of accuracy to identify events of concern at a scale manual human analysis can never match, relieving security teams of the tedious task of sorting the signal from the noise...

May 11, 2022 / 4 minute read

How Do Ransomware Attacks Impact Victim Organizations’ Stock?

After all the big ransomware attack headlines, one might be inclined to think that a successful ransomware attack would also impact a victim organization’s stock price over the long term, but so far that's not the case according to several studies...

May 9, 2022 / 5 minute read

Why XDR Adoption Should Be a CISO Priority

An AI-driven XDR solution allows Defenders to move from a "detect and respond" mode to a more proactive “predictive response” posture where the likely next steps in an attack are anticipated and blocked...

April 27, 2022 / 3 minute read

The State of Ransomware in the Retail Sector

Three-quarters of Retail organizations reported a significant loss of revenue after suffering a ransomware attack, more than half (58%) experienced employee layoffs, and one third were forced to temporarily suspend or halt their business operations altogether...

April 26, 2022 / 5 minute read

How Strategic Detections Set XDR Apart

Most XDR platforms ingest a variety of threat intelligence to spot known Indicators of Compromise (IOCs), but only an AI-driven XDR solution can detect based on the more subtle chains of activity known as Indicators of Behavior (IOBs)...

April 20, 2022 / 4 minute read

Ransomware Attacks: Can Cyber Insurance Protect Your Organization?

Nearly half of organizations with cyber insurance in place when they were victims of a ransomware attack said that their insurer only covered a portion of their losses, so they still needed to pay out of pocket significantly to cover the recovery costs...

April 19, 2022 / 3 minute read

Security Budgets Are Increasing - But So Are Attacks

An AI-driven XDR solution can correlate security telemetry from across the network to produce a complete picture of all elements of an attack to automate responses - basically eliminating the need for SIEM and SOAR tools in most circumstances...

April 13, 2022 / 4 minute read

White Paper: Inside Complex RansomOps and the Ransomware Economy

This white paper examines the growing threat from complex RansomOps, as well as the larger Ransomware Economy, and provides prescriptive guidance for organizations determined to remain undefeated by ransomware attacks...

April 12, 2022 / 1 minute read

Evaluating XDR Solutions? Caveat Emptor - Buyer Beware

Don’t be fooled by marketing ploys from vendors touting their latest big dollar acquisition of technologies they can’t integrate but still try to pawn off as XDR...

April 6, 2022 / 4 minute read

Ransomware vs. AI: The Battle Between Machines

An AI-driven XDR solution can cut through the noise introduced by a constant flood of alerts, allowing security teams to spend less time sifting through alerts and chasing false positives and more time detecting and blocking attacks...

April 5, 2022 / 4 minute read

Four Ways XDR Optimizes Your Security Stack

An AI-driven XDR solution enables organizations to embrace an operation-centric approach that delivers the visibility required to be confident they can halt attack progressions at the earliest stages...

March 30, 2022 / 4 minute read

How to Create an Effective Ransomware Response Plan

Organizations need to be capable of responding effectively to a ransomware attack in order to minimize impact to the business. Here are three things they should consider along the way...

March 29, 2022 / 4 minute read

AI-Driven XDR: Defeating the Most Complex Attack Sequences

Unlike pseudo-XDR offerings that are really just EDR tools with a cloud extension, an AI-driven XDR solution does not require that valuable telemetry be filtered out due to a platform’s inability to handle the volume of intelligence available...

March 23, 2022 / 4 minute read

Authentication Platform Okta Confirms Breach Impacts Customer Base

Authentication platform Okta has confirmed that it was breached and that its customer base was impacted after threat actors Lapsus$ gained access to the company’s internal environment...

March 22, 2022 / 3 minute read

The State of Ransomware in the Manufacturing Sector

Sixty percent of manufacturing organizations said they were struggling to defend against ransomware attacks due to their growing sophistication, while just under half noted that they were likely to get hit at some point...

March 22, 2022 / 3 minute read

Leveraging the X in XDR: Correlating Across Multiple Sources of Telemetry

One good way to spot pseudo-XDR offerings is to ask the provider if the tool has the ability to ingest and analyze all available telemetry, or if the platform has limitations that require "smart filtering" of some or most of the telemetry...

March 16, 2022 / 3 minute read

Leveraging Artificial Intelligence to Prevent RansomOps Attacks

CrowdStrike and SentinelOne platforms are forced to filter out critical event telemetry--and while they try to pawn off this deficit as a "feature" by calling it Smart Filtering, eliminating critical telemetry undermines their ability to detect complex RansomOps attacks at the earliest stages...

March 15, 2022 / 4 minute read

SecOps: Getting Behind the Wheel with XDR

An AI-driven XDR solution enables SecOps teams to embrace an operation-centric approach that delivers the visibility required to halt attack progressions at the earliest stages...

March 9, 2022 / 3 minute read

The Impact of Ransomware in the Healthcare Sector

Healthcare organizations need to assume that they’ll be hit, and it’s better to be prepared and never be the victim of a ransomware attack than it is to start the process of bolstering defenses after an attack has been successful...

March 8, 2022 / 3 minute read

Cybereason and MITRE Engenuity Center for Threat-Informed Defense Launch the Attack Flow Project

Cybereason and the MITRE Engenuity Center for Threat-Informed Defense launch the Attack Flow Project to develop a common data format for describing adversary behavior and improve defensive capabilities...

March 3, 2022 / 2 minute read

XDR is Here: How and Why to Get Started

AI-driven XDR automatically correlates telemetry from across endpoints, data centers, application suites, user identities and more, freeing security teams from the need to constantly triage a flood of non-contextual threat alerts and false positives...

March 2, 2022 / 3 minute read

What’s Next in the Evolution of Complex RansomOps?

Remember, the actual ransomware payload is the tail end of a RansomOps attack, so there are weeks or even months of detectable activity where a ransomware attack can be disrupted before there is serious impact...

March 1, 2022 / 3 minute read

Why Telemetry Correlations are Essential to XDR

Most EDRs can’t even handle all the telemetry available from endpoints, so jamming even more data into these tools that can’t actually correlate any of it effectively then trying to pass it off as XDR is simply a fool's errand...

February 23, 2022 / 3 minute read

Three Questions to Ask about Ransomware Preparedness

Organizations need to think strategically and be proactive about ransomware preparedness - here are three questions you should be asking in order to avoid being the victim of a successful RansomOps attack...

February 22, 2022 / 4 minute read

Securing Critical Infrastructure with XDR

There is the potential for these attacks to cross the cyber-physical divide by inadvertently or purposefully disrupting crucial systems that govern assets that are vital to the economy, national security, or protecting lives...

February 16, 2022 / 4 minute read

How to Prevent Ransomware Attacks at the Earliest Stages

This ongoing evolution of complex ransomware operations highlights the need to be strategic with RansomOps defense. Specifically, it underscores the importance of an operation-centric approach to RansomOps prevention...

February 15, 2022 / 4 minute read

Cybereason Partners with EGUARDIAN to Defend Organizations Against Complex Cyberattacks

“With Cybereason, I am confident we will be able to give Sri Lankan enterprises the right tools and technologies to successfully overcome increasing global cyber threats..."

February 14, 2022 / 1 minute read

Debunking Three Common Misconceptions about XDR

An AI-driven XDR solution provides Defenders with the ability to predict, detect and respond to cyberattacks across the entire enterprise network, including endpoints, identities, the cloud, application suites and more...

February 9, 2022 / 4 minute read

Financial Services and the Evolving Ransomware Threat

Attackers’ interest in targeting financial institutions aligns with larger trends that are shaping the ransomware threat landscape, like the increasing complexity of some ransomware operations–or RansomOps...

February 8, 2022 / 3 minute read

XDR: The Key to Empowering Your SOC

XDR can evolve with the changing threat landscape, can allow complex attack operations to be identified at the earliest stages, and can automate responses for a faster mean time to remediation at scale...

February 2, 2022 / 3 minute read

Three Reasons XDR Should Drive Your Security Strategy

Security teams are short-staffed, network complexity continues to increase and the cost of data breaches is growing - XDR offers an opportunity to reverse these trends and more...

January 25, 2022 / 4 minute read

Ten of the Biggest Ransomware Attacks of 2021

Researchers estimated there would be about 714 million ransomware attacks by the end of 2021, a 134% year-over-year increase from 2020. Let’s take a moment now to examine ten of the biggest ransomware attacks of 2021...

January 24, 2022 / 4 minute read

Five Ransomware Myths that Leave Businesses Vulnerable

Remember, the actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks to months of detectable activity prior to the payload where an attack can be intercepted...

January 19, 2022 / 5 minute read

Evaluating Open XDR vs. Native XDR

Open XDR can leverage multiple security tools, vendors and telemetry types, all integrated into a single detection and response platform that centralizes behavior analysis...

January 19, 2022 / 3 minute read

EDR, MDR and XDR – What Are the Differences?

Shortcomings in traditional tools explain why XDR is generating a lot of buzz - it extends the capabilities of EDR beyond endpoints to an organization’s cloud workloads, application suites, and user personas...

January 12, 2022 / 4 minute read

The State of Ransomware in the Public Sector

Things escalated even further in June of 2021, when public sector entities experienced 10 times as many ransomware attempts as organizations in other sectors, an increase of 917% year over year...

January 11, 2022 / 3 minute read

Automating the “R” in Your XDR Strategy

Advanced XDR doesn’t rely on a flood of non-contextual threat alerts from across disparate assets, but instead delivers deep context and correlations between assets to detect sooner and automates responses to mitigate faster...

January 5, 2022 / 5 minute read

History’s Most Notorious Ransomware Gangs

The actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks or even months of detectable activity prior to the payload delivery where an attack can be intercepted proactively...

December 21, 2021 / 3 minute read

Leveraging the XDR Advantage in the Midst of a Pandemic

If a security provider’s EDR can’t handle all the endpoint telemetry required to detect and end attacks faster and more efficiently, you can be sure their XDR platform suffers similar limitations...

December 8, 2021 / 3 minute read

Ransomware by the Numbers – An Impact Overview

Despite the significant impact ransomware attacks have on organizations, most simply are not prepared to defend against them even if their organization has already suffered a successful ransomware attack...

December 7, 2021 / 4 minute read

AI/ML Powered Automation: The Future of Cybersecurity at Scale

The Cybereason Defense Platform leverages multiple layers of AI/ML analysis to quickly identify malicious chains of behavior, never before seen malware strains, complex ransomware attack sequences and other digital threats...

December 1, 2021 / 4 minute read

A Brief History of Ransomware Evolution

There have been over 200 ransomware attacks that have made headlines in 2021 so far - to understand how we got here, let's look at how the ransomware threat has evolved over the years...

November 30, 2021 / 5 minute read

Which Data Do Ransomware Attackers Target for Double Extortion?

The double extortion tactic is very effective because it undermines ransomware recovery strategies that rely on data backups - with double extortion the options for organizations become more limited...

November 23, 2021 / 4 minute read

Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays

The research findings highlight a disconnect between the risk ransomware poses to organizations during these off-hour periods and their preparedness to respond during weekends and into the holiday season...

November 17, 2021 / 4 minute read

RansomOps™: Detecting Complex Ransomware Operations

Remember, the ransomware payload is the tail end of a RansomOps attack, and there are weeks or months of detectable activity prior where an attack can be arrested before there is impact to the target...

November 16, 2021 / 3 minute read

Why XDR is a ‘Must Have’ for Organizations of Every Size

XDR collects all pertinent telemetry, uses AI to analyze it and add actionable context, then allows for true automation of responses across endpoints, on-prem and cloud workloads, user identities and more...

November 10, 2021 / 3 minute read

The Ransom Disclosure Act and Defending Against Complex RansomOps™

The ability to recognize RansomOps early in the attack progression is the key to preventing a successful ransomware attack and relegating the adversary activity to a much less disruptive intrusion or data exfiltration attempt...

November 9, 2021 / 3 minute read

Actionable XDR Telemetry vs. Uncorrelated SIEM Alerts

If a provider is trying to tout the elimination of valuable telemetry through “smart filtering” as a solution feature, this is a big red flag that should tell you they cannot deliver effective XDR - or even EDR for that matter...

November 3, 2021 / 3 minute read

What Are the Most Common Attack Vectors for Ransomware?

Exploiting Microsoft Remote Desktop Protocol (RDP) accounted for more than half of all ransomware infections, followed by email phishing and the exploitation of software vulnerabilities...

November 2, 2021 / 3 minute read

What is Advanced XDR? Understanding Extended Detection and Response

Cybereason Advanced XDR collects and analyzes 100% of event telemetry in real-time, processing more than 23 trillion security-related events per week with absolutely no “dumb filtering" that can leave your organization at risk...

October 27, 2021 / 3 minute read

An Operation-Centric Approach to RansomOps™ Prevention

Understanding RansomOps and strategies to detect and disrupt them early in the kill chain can turn a potentially devastating ransomware attack into a less disruptive intrusion and/or data exfiltration attempt...

October 26, 2021 / 4 minute read

Why All Telemetry is Essential for XDR Performance

Some vendors resort to "data filtering" where they eliminate vital telemetry before analysis, which produces an incomplete snapshot of an organization’s security posture and will not answer the question “are we under attack?”

October 20, 2021 / 3 minute read

What is the Dark Web Ransomware Marketplace?

Members of dark markets commonly promote Ransomware-as-a-Service (RaaS) operations where malicious actors post ads for different ransomware kits for rent and varying levels of support for RansomOps...

October 19, 2021 / 3 minute read

Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

No matter how you justify the “savings” in bundling IT and Security spend together with a (still very expensive) E5 license, the fact is you’d essentially be paying Microsoft twice to protect you from… Microsoft...

October 14, 2021 / 5 minute read

What is the Importance of XDR in Cloud Security?

The Cybereason XDR Platform draws upon IOCs as well as Indicators of Behavior (IOBs), which provide insight into the more subtle signs of compromise to protect on-prem and cloud, identities, and applications from exploitation...

October 13, 2021 / 3 minute read

What is Ransomware-as-a-Service and How Does it Work?

RansomOps attacks begin with a developer making malicious code available on the black market - the custom code delivers the ransomware payload and the RaaS providers help negotiate payment, and they split the fee with the affiliate...

October 12, 2021 / 3 minute read

How Do Initial Access Brokers Enable Ransomware Attacks?

Microsoft Remote Desktop Protocol (RDP) vulnerabilities accounted for over half of all ransomware attacks, where Initial Access Brokers scan for exposed RDP ports and then sell network access to ransomware groups...

October 5, 2021 / 4 minute read

How Does XDR Solve the IT Infrastructure Visibility Gap?

Detection and Response was once limited to traditional endpoints, but XDR means it can now be applied across applications, cloud workloads, user personas and more to correlate events across these disparate elements...

September 29, 2021 / 3 minute read

Ransomware Prevention vs. Recovery: Which Costs Businesses More?

Research demonstrates that it is significantly less costly to prevent a ransomware attack than to suffer a ransomware infection and pay the costs to recover fully - so what's the hesitation?

September 28, 2021 / 3 minute read

How XDR is Changing Security for the Better

XDR allows organizations to move to an operation-centric approach by freeing SOC analysts from an alert-centric posture that cannot scale to keep up with the rapidly evolving threat landscape...

September 22, 2021 / 3 minute read

How the Ransomware Gangs Stay One Step Ahead

Maze and LockBit collaboration highlights how ransomware gangs share infrastructure, expertise and stolen data, which helps attackers evolve by learning from one another...

September 21, 2021 / 3 minute read

Four Considerations for Evaluating XDR Platforms

There’s a growing need for the more holistic approach to threat detection and response that XDR can deliver. Why? Just look at what’s going on in the digital threat landscape...

September 15, 2021 / 3 minute read

What is Driving the Surge of Ransomware Attacks?

More digital infrastructure means organizations have more assets that attackers can use as attack vectors to establish a foothold on the network before moving laterally and deploying their ransomware payloads...

September 14, 2021 / 3 minute read

Busted: Taking Down Ransomware Attackers

The attention surrounding ransomware might be unprecedented this year, and law enforcement has brought ransomware actors to justice in the past. Let’s look at a few examples...

September 8, 2021 / 3 minute read

The Value Drivers for an XDR Investment

Consider the value of stopping a ransomware attack at initial ingress or at lateral movement on the network versus a costly and disruptive incident response scramble and “roll-back” of encryption on every affected system...

September 1, 2021 / 3 minute read

Evolving Ransomware Tactics Include Recruiting Insiders and DDoS Attacks

Ransomware gangs are targeting insiders to give them network access as well as threatening targets with DDoS attacks if they refuse to pay a ransom demand in double extortion schemes...

August 31, 2021 / 3 minute read

How XDR Delivers on SOAR’s Unfulfilled Promises

After being around for years, has SOAR really delivered on any of the lofty promises? Ask any user, and their answer will most likely be “kind of" because analysts still need to manually intervene and sift through all the “well organized noise...”

August 25, 2021 / 3 minute read

Three Reasons Why You Should Never Pay Ransomware Attackers

After falling prey to a ransomware attack, most organizations are faced with the decision of whether they’re going to pay the ransom demand. We’ll save you some time: it’s not worth it, and here are three of the many reasons why it does not pay to pay...

August 18, 2021 / 3 minute read

XDR: The Key to Solving SIEM Shortcomings

SIEMs were intended to solve an array of issues by using automation to better enable analysts to detect and respond to security issues more quickly. But have SIEM solutions really delivered on their promises?

August 17, 2021 / 3 minute read

Who Are the Main Targets of Ransomware Attacks?

With RansomOps™ attacks, the goal is to choose a target that is in a sensitive industry like critical infrastructure, as well as selecting targets based on their ability to pay an incredibly large ransom demand...

August 10, 2021 / 3 minute read

XDR: The Next Step in Threat Detection and Response

XDR frees security analysts from tedious manual tasks through automation for enhanced threat detection and response, allowing them to focus on their organizations’ overall security posture...

August 9, 2021 / 3 minute read

Partners in Crime: How Ransomware Gangs Are Working Together

Ransomware actors are working together to maximize their profits, but that raises some questions, like what does collaboration between ransomware groups look like?

August 4, 2021 / 2 minute read

What the Growing Costs of a Data Breach Means for the Business

These findings highlight the need for organizations to defend themselves against ransomware attacks and other costly security incidents by working with a trusted vendor to streamline detection and response capabilities...

August 2, 2021 / 3 minute read

The XDR Advantage: Eliminate Dwell Time and Gain Visibility

XDR provides organizations all they need to pinpoint, understand, and then stop attacks wherever they are on the network by taking an operation-centric approach to security...

July 27, 2021 / 3 minute read

Three Ransomware Attacks that Upped the Ante

A behavior-based approach to prevention, detection and response is required for success against ransomware attacks by stopping them at the earliest stages, long before the ransomware payload can be delivered...

July 21, 2021 / 4 minute read

What SMBs Need to Know about Ransomware Attacks

The disruption of critical business operations is shared across all industry verticals and organizations of all sizes, including small to midsize businesses...

June 30, 2021 / 3 minute read

XDR: The Key to Higher Education’s Fight Against Ransomware

XDR provides a prevention-first strategy for early detection to stop disruptive ransomware attacks before damage is done to the organization...

June 21, 2021 / 3 minute read

Ransomware Attacks are Evolving: What You Need to Know

We’ve observed ransomware threat groups using multiple leverage points to extort their victims - here are a few tactics that stood out to us...

June 14, 2021 / 3 minute read

XDR: Moving Beyond the Limits of SIEM and SOAR

SIEM, SOAR and EDR technologies have their benefits, but organizations need to move beyond - that’s where XDR comes into play...

May 27, 2021 / 4 minute read

Ransomware Trends: Six Notable Ransomware Attacks from 2021

Several ransomware incidents made headlines in 2021 - here are six events that stood out among the rest...

May 26, 2021 / 3 minute read

Ransomware Attacks are Evolving – Is Your SOC Ready?

Ransomware actors have accelerated the evolution of the tactics and techniques designed to make the attacks more effective - is your SOC ready?

May 12, 2021 / 3 minute read

Inside the DarkSide Ransomware Attack on Colonial Pipeline

Lengthy detection, investigation and response periods following a ransomware attack are too little, too late - prevention is key to defending against ransomware attacks...

May 10, 2021 / 4 minute read

Three Keys to a Reliable Ransomware Defense Strategy

Organizations need to prepare for ransomware attacks - here are three tips for building a successful ransomware prevention strategy...

May 5, 2021 / 3 minute read

Securing the Financial Sector Now and Into the Future with XDR

What’s keeping financial organizations from detecting and responding to attacks early enough to prevent them from becoming major breach events?

May 3, 2021 / 4 minute read

Five Things You Need to Know About Ransomware Attacks

Here are five things you need to know about the current state of ransomware attacks and how to defend against them...

April 28, 2021 / 3 minute read

REvil/Sodinokibi Ransomware Gang Extorts Apple Through Supply Chain Attack

"Either REvil is benefitting indirectly from pariah policies related to cybercrime in Russia or is directly taking orders from a government." ~Sam Curry, Cybereason CSO...

April 22, 2021 / 3 minute read

Rise of Double-Extortion Shines Spotlight on Ransomware Prevention

By using double extortion, ransomware attackers can compel organizations to pay a ransom even if they are able to recover their information using data backups...

April 14, 2021 / 3 minute read

DearCry Ransomware and the HAFNIUM Attacks – What You Need to Know

The Cybereason Defense Platform prevents the execution of DearCry ransomware and other malware being propagated by threat actors abusing residual elements of the recent HAFNIUM attacks on Microsoft Exchange...

March 30, 2021 / 3 minute read

Security CEO Roundtable: Restoring Our National Cybersecurity

Watch the discussion between leading security CEOs at Cybereason's roundtable event as they are addressing increased security funding in the recently passed American Rescue Package legislation in the wake of two devastating attacks.

March 16, 2021 / 37 minute read

The Cybereason MalOp: Achieving Operation-Centric Security

Defenders must be able to quickly identify, and respond to malicious operations (MalOps) with surgical precision, to be able to think, adapt, and act more swiftly than attackers can adjust their tactics...

February 10, 2021 / 1 minute read

SolarWinds Attacks Highlight Importance of Operation-Centric Approach

“We need to arm security analysts with tools to make the connection between disparate indicators of compromise—and, more importantly, the more subtle indicators of behavior associated with an attack—so that they can quickly detect and respond to malicious operations with surgical precision."

January 21, 2021 / 3 minute read