This content includes a video component that provides a deeper dive into the subject, a demonstration of product capabilities, and/or insights from subject matter experts.

THREAT ALERT: Inside the Redeemer 2.0 Ransomware

A new and improved Redeemer 2.0 ransomware version was released on an underground forum and is described by the developers as a “C++ no dependency ransomware with no privacy intrusions” targeting the Windows OS with support for Windows 11 systems...

Improving SOC Workflows with Cybereason Role-Based Incident Response

The Cybereason Defense Platform offers multi-tenancy capabilities to enable SOC teams to divide workflows based on roles...

Cybereason vs. Quantum Locker Ransomware

The AI-driven Cybereason XDR Platform detects and blocks MountLocker ransomware which launched back in September 2020. Since then, the attackers have rebranded the operation as AstroLocker, XingLocker, and now in its current phase, the Quantum Locker...

Cybereason XDR: Intelligence-Driven Hunting and Investigation

Threat intelligence is transparently integrated into every aspect of the AI-driven Cybereason XDR Platform to enable Threat Hunting for behavioral TTPs...

Cybereason vs. BlackCat Ransomware

BlackCat Ransomware gained notoriety quickly leaving a trail of destruction behind it, among its recent victims are German oil companies, an Italian luxury fashion brand and a Swiss Aviation company. Cybereason XDR detects and blocks BlackCat Ransomware...

Shields Up: Is Your Ransomware Protection What It Should Be?

Cybersecurity and Infrastructure Security Agency (CISA) is warning businesses to prepare for ransomware attacks if Russia invades Ukraine - learn how your organizations can be prepared...

Cybereason vs. WhisperGate and HermeticWiper

Ukrainian officials attributed the attack to Russia “preparing the ground” for a military invasion with nasty wipers dubbed WhisperGate and HermeticWiper. Cybereason Anti-Ransomware and Anti-MBR corruption technology detects and blocks WhisperGate and HermeticWiper...

Cybereason vs. Lorenz Ransomware

Prior to the deployment of the Lorenz ransomware, the attackers attempt to infiltrate and move laterally throughout the organization, carrying out a fully-developed RansomOps attack - the Cybereason XDR Platform fully detects and prevents the Lorenz ransomware...

Responding to Multi-Endpoint Threats with XDR

The Cybereason XDR Platform provides a unified view of your endpoints, allowing analysts to quickly remediate complex threats across multiple machines...

Cybereason XDR: Achieving 10X Reduction in False Positives

The Cybereason MalOp detection engine to identify malicious behaviors with extremely high confidence levels, reducing false positives by a factor of 10...

Video: Google Cloud and Cybereason Shift the XDR Paradigm to 'Detect and Anticipate'

The Google Cloud and Cybereason partnership shifts the XDR paradigm to “detect, understand, anticipate" by introducing a prognostic element that anticipates attacker behaviors to deliver faster conviction of potentially malicious activity...

Cybereason vs. Prometheus Ransomware

The Cybereason Defense Platform detects and prevents Prometheus ransomware, a relatively new variant first observed in February of 2021 that has impacted more than 40 companies...

Cybereason vs. REvil Ransomware: The Kaseya Chronicles

Cybereason detects and blocks REvil ransomware, protecting our customers and those of our Managed Services Provider partners in the wake of the Kaseya supply chain attacks...

Cybereason vs. REvil Ransomware

The Cybereason Defense Platform detects and blocks REvil ransomware, allowing defenders to protect their organizations from this evolving threat...

SC Awards Europe: Cybereason Named Finalist for Best Endpoint Security

Cybereason is excited to announce it was named a finalist in the Best Endpoint Security category of the 2021 SC Awards Europe competition...

Cybereason vs. Avaddon Ransomware

Cybereason Nocturnus Team has been tracking the Avaddon Ransomware since June 2020 and the double extortion model...

The Cybereason Difference: Introduction to the MalOp

The MalOp provides a contextualized view of the full attack narrative correlated across all impacted endpoints and users so security analysts can respond to threats with an operation-centric approach...

Cybereason vs. DarkSide Ransomware

DarkSide ransomware follows the double extortion trend where the threat actors first exfiltrate the data and threaten to make it public if the ransom demand is not paid, rendering backing up data as a precaution against a ransomware attack moot...

Cybereason vs. NetWalker Ransomware

The NetWalker ransomware has been targeting organizations in the US and Europe including several healthcare organizations, despite several known threat actors publicly claiming to abstain from targeting such organizations due to COVID-19.

Cybereason vs. RansomEXX Ransomware

The Cybereason Nocturnus Team has been tracking the activity around the RansomEXX, being used as a part of multi-staged human-operated attacks targeting various government related entities and tech companies.

Cybereason vs. Conti Ransomware

Since first emerging in May 2020, the ransomware operators (aka. the Conti Gang) claim to have over 150 successful attacks with millions in extortion fees. Download the Indicator's of Compromise to search for Conti in your own environment.

Ever Evolving: Israel Barak on Running Remote SOC Ops

We spent some time with Israel Barak, Chief Information Security Officer at Cybereason, who discussed some of the challenges of running a world-wide SOC remotely during the pandemic.

Cybereason vs. Cl0p Ransomware

The Cybereason Nocturnus team has been tracking the activity of the Cl0p ransomware, a variant of CryptoMix ransomware. Download the Indicator's of Compromise to search for Cl0p in your own environment...

Cybereason vs. SolarWinds Supply Chain Attack

On December 13, 2020, IT infrastructure management provider SolarWinds issued a Security Advisory regarding their SolarWinds Orion Platform after experiencing a “highly sophisticated” supply chain attack.

Ever Evolving: Jake Williams on Running an Infosec Consultancy Remotely

We spent some time with Jake Williams - founder and President at Rendition Infosec and SANS Instructor - discusses some of the challenges in remotely running a successful infosec consultancy.

Cybereason vs. Ryuk Ransomware

Ryuk ransomware is most often seen as the final payload in a larger targeted attack against a corporation, and since its return in September, it has been mainly delivered via TrickBot or BazarLoader infections.

Ever Evolving: Katie Nickels on Incident Response in a Remote World

We spent some time with Katie Nickels - current Director of Intelligence at Red Canary and formerly MITRE ATT&CK Threat Intelligence Lead - to discuss applied threat intelligence, prioritizing threats for impact, and working incident response in remote environments.

Ever Evolving: Rachel Tobac Talks Social Engineering

We spent some time with Rachel Tobac discussing techniques, awareness and training for organizations seeking to limit the risk from one of the most difficult security threats to counter - social engineering attacks

Cybereason vs. Egregor Ransomware

Egregor is a newly identified ransomware variant that was first discovered in September, 2020, and has recently been identified in several sophisticated attacks on organizations worldwide, including the games industry giants Crytek and Ubisoft. 

Ever Evolving: Cybereason CSO Sam Curry on Security and Leadership

Cybereason CSO Sam Curry shares insights on tackling tough security challenges from a strategic perspective as well as from the point of view of a leader of security operations teams working tirelessly to reverse the adversary advantage and return the high ground to the defenders.

Cybereason vs. MedusaLocker Ransomware

There have been reports of MedusaLocker attacks across multiple industries, especially the healthcare industry which suffered a great deal of ransomware attacks during the COVID-19 pandemic.

Ever Evolving: Stephanie Ihezukwu on Managing Security Remotely

Not long ago we were fortunate to grab some time with Steph Ihezukwu who shared her insights and observation on everything from diversity in tech to how to collaborate with teams in the age of remote work and heightened security concerns.

Ever Evolving: Yonatan Striem-Amit on Handling Breaches While Remote

Cybereason co-founder Yonatan Striem-Amit discusses the challenges inherent in addressing security breaches remotely.

Ever Evolving: Tanya Janca on Application Security Challenges

We were lucky enough to grab some time with Tanya Janca to discuss some key issues around security in times of crisis.