FEATURED

Malicious Life Podcast: What The LinkedIn Hack Taught Us About Storing Passwords

An anonymous hacker posted a list of 6.5 Million encrypted passwords for LinkedIn users on a Russian forum. These passwords were hashed using an outdated and vulnerable hashing algorithm and were also unsalted. Lawsuits followed shortly… can we trust big organizations to keep our secrets safe? Check it out…

Latest Posts

Targeted by Ransomware? Here are Three Things to Do Straight Away

The only way organizations can successfully defend against ransomware and RansomOps attacks is to be able to detect them early and end them before any data exfiltration or encryption of critical files and systems can take place...

May 24, 2022 / 4 minute read

Defend Forward

Cybereason CEO Lior Div talks about the inaugural report from the Cyber Defenders Council and why the principles of Defend Forward are important for cybersecurity...

May 23, 2022 / 2 minute read

Ransomware: What’s in a Name?

We continue to use the same name to describe a problem that has evolved over time and is significantly more complex today. Many are really unprepared to counter the threat as it exists today...

May 18, 2022 / 3 minute read

Cyber Defenders Council Report: Defend Forward - A Proactive Model for Cyber Deterrence

The Cyber Defenders Council is an independent group of preeminent cybersecurity leaders from public and private sector organizations around the world with the mission to adapt Defend Forward deterrence concepts for the private sector - read the inaugural report here...

May 17, 2022 / 1 minute read

Malicious Life Podcast: Inside Operation CuckooBees

We delve into a recently discovered cyber-espionage campaign targeting the Defense, Energy, Aerospace, Biotech and Pharma industries conducted by the Winnti Group (APT 41, BARIUM, and Blackfly) - a Chinese state-sponsored APT group known for its stealth and sophistication...

May 17, 2022

Cybereason Named to CNBC 2022 Disruptor 50 List for Second Consecutive Year

Cybereason has been named to the exclusive 10th Annual CNBC Disruptor 50 list of the most disruptive private global companies, joining other esteemed rapid-growth companies including Canva, Blockchain.com, Stripe, Chime and more...

May 17, 2022 / 1 minute read

Latest Videos

Shields Up: Is Your Ransomware Protection What It Should Be?

Cybersecurity and Infrastructure Security Agency (CISA) is warning businesses to prepare for ransomware attacks if Russia invades Ukraine - learn how your organizations can be prepared...

February 18, 2022

Cybereason vs. WhisperGate and HermeticWiper

Ukrainian officials attributed the attack to Russia “preparing the ground” for a military invasion with nasty wipers dubbed WhisperGate and HermeticWiper. Cybereason Anti-Ransomware and Anti-MBR corruption technology detects and blocks WhisperGate and HermeticWiper...

February 15, 2022

Responding to Multi-Endpoint Threats with XDR

The Cybereason XDR Platform provides a unified view of your endpoints, allowing analysts to quickly remediate complex threats across multiple machines...

February 4, 2022

Cybereason XDR: Achieving 10X Reduction in False Positives

The Cybereason MalOp detection engine identifies malicious behaviors with extremely high confidence levels, reducing false positives by a factor of 10...

February 2, 2022

Malicious Life Podcast: What The LinkedIn Hack Taught Us About Storing Passwords

An anonymous hacker posted a list of 6.5 Million encrypted passwords for LinkedIn users on a Russian forum. These passwords were hashed using an outdated and vulnerable hashing algorithm and were also unsalted. Lawsuits followed shortly… can we trust big organizations to keep our secrets safe? Check it out…

May 24, 2022

Cybereason Named Overall Leader in 2022 KuppingerCole Leadership Compass

Cybereason named an Overall Leader in the 2022 KuppingerCole Leadership Compass for vendors in the Endpoint Protection, Detection & Response (EPDR) market...

May 16, 2022 / 2 minute read

Achieve Faster, More Accurate Response with Cybereason Threat Intelligence

Here's a look at the many ways Cybereason Threat Intelligence tells the difference between benign and malicious activity to keep your security team focused...

May 16, 2022 / 4 minute read

Webinar June 2nd 2022: Live Attack Simulation - Ransomware Threat Hunter Series

Learn how mature security teams effectively counter modern ransomware operations (RansomOps) and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of a ransomware attack...

May 16, 2022 / 1 minute read

Behavioral Execution Prevention: Next-Generation Antivirus Evolved

Behavioral Execution Prevention stops threats posed by malicious actors who use trusted operating system software and native processes to conduct attacks...

May 13, 2022 / 2 minute read

Russia Is Waging Cyberwar–with Little Success

Cybereason CEO Lior Div provides perspective on the cyber component of Putin's invasion of Ukraine, and why it is important for organizations to Defend Forward...

May 12, 2022 / 2 minute read

Employee Spotlight: Why People are Key to Cybereason Success

Tim Weis, who was recently promoted to Senior Talent Acquisition Partner, supports hiring for some of our US-based teams and helps each of them scale and grow. Learn more about Tim and why he says this is an exciting time to join Cybereason...

May 12, 2022 / 3 minute read

Harnessing the Power of AI-Driven XDR

AI/ML is really good at analyzing large data sets with a high degree of accuracy to identify events of concern at a scale manual human analysis can never match, relieving security teams of the tedious task of sorting the signal from the noise...

May 11, 2022 / 4 minute read

New Cybereason Incident Response and Professional Services Bundles Include Unlimited Support

Cybereason has launched subscription-based bundles for unlimited Incident Response and Professional Services that deliver the speed and agility needed to quickly identify, correlate and contain threats while reducing costs by as much as thirty percent...

May 10, 2022 / 2 minute read

Cybereason vs. Quantum Locker Ransomware

The AI-driven Cybereason XDR Platform detects and blocks MountLocker ransomware which launched back in September 2020. Since then, the attackers have rebranded the operation as AstroLocker, XingLocker, and now in its current phase, the Quantum Locker...

May 9, 2022 / 5 minute read

Malicious Life Podcast: How to Russia-Proof Your Democracy

In 2007, Estonia suffered a large-scale DDoS attack which crippled many organizations and digital services. Joseph Carson, a Security Scientist and adviser to several governments, discusses the lessons learned from that event and how Estonia became 'A Cloud Country' - check it out…

May 9, 2022

How Do Ransomware Attacks Impact Victim Organizations’ Stock?

After all the big ransomware attack headlines, one might be inclined to think that a successful ransomware attack would also impact a victim organization’s stock price over the long term, but so far that's not the case according to several studies...

May 9, 2022 / 5 minute read

The Global Impact of Operation CuckooBees

Lior Div, co-founder and CEO of Cybereason, talks about the Operation CuckooBees revelations and the broad global impact of intellectual property theft.

May 6, 2022 / 2 minute read

How the MalOp Can Facilitate New Breach Reporting Rules

The Cybereason MalOp will be key to the ability of financial institutions to meet the new 36 hour cybersecurity incident reporting deadline...

May 5, 2022 / 2 minute read

Webinar May 25th 2022: Organizations at Risk: Ransomware Attackers Don’t Take Holidays

Join us for this live webinar as we delve into research findings about the risk to organizations from ransomware attacks that occur on weekends and holidays and how you can better prepare to defend against them...

May 5, 2022 / 1 minute read

Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation

Cybereason recently uncovered an attack assessed to be the work of Chinese APT Winnti that operated undetected, siphoning intellectual property and sensitive data - the two companion reports examine the tactics and techniques of the overall campaign as well as more detailed analysis of the malware arsenal and exploits used...

May 4, 2022 / 4 minute read

Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques

Cybereason investigated multiple intrusions targeting technology and manufacturing companies located in Asia, Europe and North America. Based on the findings of our investigation, it appears that the goal behind these intrusions was to steal sensitive intellectual property for cyber espionage purposes...

May 4, 2022 / 11 minute read

Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive

This research zeroes in on the Winnti malware arsenal and includes analysis of the observed malware and the complex Winnti infection chain, including evasive maneuvers and stealth techniques that are baked into the malware code...

May 4, 2022 / 19 minute read

Webinar May 19th 2022: Live Attack Simulation - XDR vs. Modern Ransomware

Join us for an examination of what a modern ransomware attack chain looks like and how an XDR solution can be leveraged to detect and stop complex ransomware attacks at the earliest stages, long before the actual ransomware payload is delivered...

May 3, 2022 / 1 minute read

The U.K. Cyber Strategy: Developing Cybersecurity Skills, Knowledge and Culture

Greg Day, Cybereason’s VP and Global Field CISO for the EMEA region, offers his perspective on developing cybersecurity skills, knowledge, and culture...

May 3, 2022 / 3 minute read

Webinar May 12th 2022: Live Attack Simulation - Ransomware Threat Hunter Series

Learn how mature security teams effectively counter modern ransomware operations (RansomOps) and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of a ransomware attack...

May 2, 2022 / 1 minute read

Malicious Life Podcast: Operation Sundevil and the Birth of the EFF

In May 1990, a massive operation carried out by hundreds of Secret Service and FBI agents was focused on a new type of crime: Hacking. But every action has an equal and opposite reaction, and the reaction to Operation Sundevil was the birth of a new power in the cybersphere: the Electronic Frontier Foundation - check it out…

May 2, 2022

Cybereason and Google Cloud: This is XDR Tour

Cybereason and Google executives will explain how the security industry can better defend against novel attacks through a live demonstration of how Cybereason XDR powered by Google Cloud reverses the adversary advantage and returns the high ground to Defenders...

April 28, 2022 / 1 minute read

The U.K. Cyber Strategy and Minimizing the Impact of Cybersecurity Incidents

Cybereason XDR supports the U.K. Cybersecurity Strategy objective of minimizing the impact of cybersecurity incidents...

April 28, 2022 / 2 minute read

Distributed Machine Learning Models Done Right

In this article you’ll get an overview of the key challenges common to distributed Machine Learning (ML) architectures frequently seen in IOT devices and security solutions...

April 27, 2022 / 4 minute read

Why XDR Adoption Should Be a CISO Priority

An AI-driven XDR solution allows Defenders to move from a "detect and respond" mode to a more proactive “predictive response” posture where the likely next steps in an attack are anticipated and blocked...

April 27, 2022 / 3 minute read

The State of Ransomware in the Retail Sector

Three-quarters of Retail organizations reported a significant loss of revenue after suffering a ransomware attack, more than half (58%) experienced employee layoffs, and one third were forced to temporarily suspend or halt their business operations altogether...

April 26, 2022 / 5 minute read

Malicious Life Podcast: MITRE Attack Flow Project

The MITRE Attack Flow Project is a new way to visualize, analyze and share knowledge about sequences of adversary behavior. Ingrid Skoog, Assistant Director of R&D at the Center for Threat-Informed Defense, and Cybereason CISO Israel Barak discuss the benefits of the MITRE Attack Flow project to Defenders and executives alike - check it out…

April 25, 2022

THREAT ANALYSIS REPORT: SocGholish and Zloader – From Fake Updates and Installers to Owning Your Systems

This report provides unique insight into SocGholish and Zloader attacks and provides an overview of the common tactics and techniques in SocGholish infections...

April 25, 2022 / 14 minute read

Seven Ways Cybereason Enhances Your Cyber Insurance Investment

If your organization needs cyber insurance or if you're up for renewal, get ready to meet these "minimum requirements." Here are seven ways Cybereason can enhance your cyber insurance investment...

April 22, 2022 / 5 minute read

Leveraging Cybereason DFIR to Contain Attacks in Minutes

Cybereason has announced the availability of Cybereason DFIR, a solution designed to automate incident response (IR) investigations by incorporating nuanced forensics artifacts into threat hunting, reducing remediation time by enabling security analysts to contain cyberattacks in minutes...

April 21, 2022 / 2 minute read

How Strategic Detections Set XDR Apart

Most XDR platforms ingest a variety of threat intelligence to spot known Indicators of Compromise (IOCs), but only an AI-driven XDR solution can detect based on the more subtle chains of activity known as Indicators of Behavior (IOBs)...

April 20, 2022 / 4 minute read

Malicious Life Podcast: The Aaron Swartz Story

When 24-year-old Aaron Swartz was caught scraping millions of science articles off of JSTOR, he faced up to 35 years in prison plus a fine of up to 1 million dollars. Did Aaron's crime justify such a harsh punishment? Check it out…

April 19, 2022

Ransomware Attacks: Can Cyber Insurance Protect Your Organization?

Nearly half of organizations with cyber insurance in place when they were victims of a ransomware attack said that their insurer only covered a portion of their losses, so they still needed to pay out of pocket significantly to cover the recovery costs...

April 19, 2022 / 3 minute read

SOC Modernization: Measures and Metrics for Success

To have confidence we can block the attack, we will have invested time and resources to build out the MalOp, and as such we should track our blocking controls to see which have the greater longevity against the adversary...

April 14, 2022 / 3 minute read

Everything Cybereason at the 2022 RSA Conference!

Don’t miss the immersive digital experience at Cybereason booth S-735 in the South Expo Hall packed with informative in-booth theater presentations, enjoy more briefings at the Cybereason Lounge at the Four Seasons, score some great swag like a Malicious Life Podcast T-Shirt and more...

April 13, 2022 / 3 minute read

Webinar April 26th: Profile of the Dark Economy of Ransomware

RansomOps have steadily become more sophisticated and more aligned with nation-state actors making ransomware an existential threat for enterprises - join expert Bob Bigman, former CISO for the CIA to learn more about major ransomware groups and how they operate...

April 13, 2022

Security Budgets Are Increasing - But So Are Attacks

An AI-driven XDR solution can correlate security telemetry from across the network to produce a complete picture of all elements of an attack to automate responses - basically eliminating the need for SIEM and SOAR tools in most circumstances...

April 13, 2022 / 4 minute read

White Paper: Inside Complex RansomOps and the Ransomware Economy

This white paper examines the growing threat from complex RansomOps, as well as the larger Ransomware Economy, and provides prescriptive guidance for organizations determined to remain undefeated by ransomware attacks...

April 12, 2022 / 1 minute read

Detecting Cyber Events is Key to U.K. Cybersecurity Strategy

Cybereason XDR supports both capability outcomes outlined in the U.K. Government Cybersecurity strategy for detecting cyber events...

April 11, 2022 / 3 minute read

Malicious Life Podcast: The Russia-Ukraine Cyberwar

Several weeks after the invasion of Ukraine by Russian forces, the lights are still on and other important infrastructure is still operating. Cybereason CEO Lior Div, CTO Yonatan Striem-Amit, and CSO Sam Curry examine what we know so far about the cyber aspect of the conflict...

April 11, 2022

Webinar April 27th: Solving the Incident Response Data Problem

Join this informative webinar to learn how the combination of IBM X-Force expertise and cutting edge Cybereason security solutions and DFIR capabilities deliver a faster, more efficient approach to Incident Response...

April 7, 2022

Operation Bearded Barbie: APT-C-23 Campaign Targeting Israeli Officials

This APT-C-23 campaign involves two previously undocumented malware strains dubbed Barb(ie) Downloader and BarbWire Backdoor, which use an enhanced stealth mechanism to remain undetected - in addition, Cybereason observed an upgraded version of an Android implant dubbed VolatileVenom...

April 6, 2022 / 11 minute read

Evaluating XDR Solutions? Caveat Emptor - Buyer Beware

Don’t be fooled by marketing ploys from vendors touting their latest big dollar acquisition of technologies they can’t integrate but still try to pawn off as XDR...

April 6, 2022 / 4 minute read

No Airplane Hacking Episode

Due to some controversy in the community over the airplane hacking episode, we have decided to remove it from the playlist...

April 5, 2022

Ransomware vs. AI: The Battle Between Machines

An AI-driven XDR solution can cut through the noise introduced by a constant flood of alerts, allowing security teams to spend less time sifting through alerts and chasing false positives and more time detecting and blocking attacks...

April 5, 2022 / 4 minute read

Cybereason and IBM: A Better Way to do Enterprise IR

Cybereason and IBM are launching a joint solution to address the most critical SOC challenges and significantly improve incident response delivery, triage, and remediation processes...

April 4, 2022 / 3 minute read

Cybereason Posts Best Results in History of MITRE ATT&CK Evaluations

Cybereason leads the industry in the MITRE ATT&CK Enterprise Evaluation 2022, achieving the best results ever in the history of these evaluations...

April 1, 2022 / 3 minute read

Lapsus$ Activity Betrays Nation-State Motivation

Cybereason CSO Sam Curry talks about the potential threat of cyberattacks from Russia in connection with the invasion of Ukraine and why Russia might engage with external cyber mercenaries to get the job done...

April 1, 2022 / 6 minute read

Webinar April 14th: Live Attack Simulation - Ransomware Threat Hunter Series

Learn how mature security teams effectively counter modern ransomware operations (RansomOps) and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of a ransomware attack...

April 1, 2022 / 1 minute read

Cybereason Excels in the 2022 MITRE ATT&CK® Evaluations: 100% Prevention, Visibility and Real-Time Protection

While other vendors are scrambling to cherry-pick the results and spin up some clever interpretations of the MITRE ATT&CK results, Cybereason is proud to let the evaluation results speak for themselves: Cybereason demonstrated 100% Prevention, 100% Visibility, and 100% Real-Time Protection...

March 31, 2022 / 3 minute read

How Cybereason Enables the U.K. to Defend Against Cyberattacks

The second installment of our five-part series outlining how Cybereason XDR maps to each of the objectives in the U.K. Government Cybersecurity Strategy...

March 31, 2022 / 3 minute read

CISO Stories Podcast: CISO Priorities for 2022

What issues should CISOs be prioritizing, and how can they get the most bang for their buck? An esteemed panel of accomplished security leaders discuss the challenges for 2022 and more - check it out...

March 31, 2022

Four Ways XDR Optimizes Your Security Stack

An AI-driven XDR solution enables organizations to embrace an operation-centric approach that delivers the visibility required to be confident they can halt attack progressions at the earliest stages...

March 30, 2022 / 4 minute read

SOC Modernization: A Mission to Block or to Disrupt?

Periodically, every business steps back and asks itself a number of questions around its security resilience, and at the top of the list is the question: Are my response processes still fit for purpose?

March 29, 2022 / 5 minute read

How to Create an Effective Ransomware Response Plan

Organizations need to be capable of responding effectively to a ransomware attack in order to minimize impact to the business. Here are three things they should consider along the way...

March 29, 2022 / 4 minute read

MITRE ATT&CK: Wizard Spider and Sandworm Evaluations Explained

MITRE is the preeminent third-party security solution evaluator. We explain the key metrics to look for in their upcoming Enterprise ATT&CK Evaluation...

March 28, 2022 / 4 minute read

Malicious Life Podcast: DIE - A New Paradigm for Cybersecurity

DIE, an acronym for Distributed, Immutable and Ephemeral, is a framework for designing secure systems where we should treat our precious data less like pets and more like cattle. Sound confusing? New paradigms always are - check it out…

March 28, 2022

Webinar April 7th: 2022 MITRE ATT&CK Evaluations Explained

The MITRE ATT&CK evaluations test security vendors’ ability to quickly detect and stop tactics and techniques used by today’s threat actors. In this webinar, we strip down the complexity of the MITRE ATT&CK framework so your organization can leverage it for success...

March 25, 2022 / 1 minute read

CEO Blog Series: No Sector Is Off-Limits for Russian Cyberattacks

The risk of cyberattacks from Russia or threat actors aligned with Russia is high and every organization, regardless of industry or geographic location, needs to be prepared to defend against them...

March 25, 2022 / 2 minute read

CISO Stories Podcast: Why Are We Still Failing at Security?

Wayman Cummings, VP of Security Operations at Unisys, examines how industry stagnation impacts the security for our critical infrastructure, the value true public-private partnerships can bring and more - check it out...

March 24, 2022

Cybereason Support for the U.K. Cybersecurity Strategy Part 1

This is the first installment of a five-part blog series in which we will outline how Cybereason XDR maps to each of the five objectives contained in the U.K. Government Cybersecurity Strategy...

March 24, 2022 / 4 minute read

Operational Resilience: Bridging the Communications Gap

The most valuable conversations today are focused on operational resilience, a newer term for the CSO, but less so for most Boards who already know what the processes are to achieve key business outcomes...

March 23, 2022 / 4 minute read

AI-Driven XDR: Defeating the Most Complex Attack Sequences

Unlike pseudo-XDR offerings that are really just EDR tools with a cloud extension, an AI-driven XDR solution does not require that valuable telemetry be filtered out due to a platform’s inability to handle the volume of intelligence available...

March 23, 2022 / 4 minute read

Cybereason Taps Frank Koelmel as EMEA Region General Manager

Cybereason continues its exponential growth and expansion of the team by naming Frank Koelmel as EMEA Region General Manager where he will be overseeing all Cybereason EMEA operations, leading future growth and expansion in the region...

March 23, 2022 / 2 minute read

Authentication Platform Okta Confirms Breach Impacts Customer Base

Authentication platform Okta has confirmed that it was breached and that its customer base was impacted after threat actors Lapsus$ gained access to the company’s internal environment...

March 22, 2022 / 3 minute read

Malicious Life Podcast: Cyber PTSD

We usually count the damage from a cyberattack in Dollars and Euros, but the psychological damage to the victims is rarely discussed. Can scams, hacks, and breaches lead to Cyber Post-Traumatic Stress Disorder? Check it out…

March 22, 2022

The State of Ransomware in the Manufacturing Sector

Sixty percent of manufacturing organizations said they were struggling to defend against ransomware attacks due to their growing sophistication, while just under half noted that they were likely to get hit at some point...

March 22, 2022 / 3 minute read

Cybereason vs. Carbon Black: Why Delayed Detections Matter

In a recent MITRE ATT&CK test, Carbon Black had a 9% delayed detection rate - delayed detections leave organizations open to ransomware and other attacks...

March 22, 2022 / 5 minute read

Cybereason and Motorola Mobility: Real-Time Network Visibility

The Cybereason MalOp (malicious operation) detection engine allowed a single Lenovo analyst to manage up to 200,000 endpoints, almost three times their current network needs...

March 18, 2022 / 3 minute read

Webinar March 31st: Live Attack Simulation - XDR vs. Modern Ransomware

Join us for an examination of what a modern ransomware attack chain looks like and how an XDR solution can be leveraged to detect and stop complex ransomware attacks at the earliest stages, long before the actual ransomware payload is delivered...

March 17, 2022 / 1 minute read

Enriching Raw Telemetry with the Cybereason Historical Data Lake

The Cybereason Historical Data Lake ingests all available telemetry collected for analysis for two primary use cases: Historical Threat Hunting and Deep Investigation...

March 17, 2022 / 2 minute read

CISO Stories Podcast: The CISO Six Minute Rule

Renee Guttmann needed a way to determine and communicate the right decisions to the organization, so she developed the “Six-Minute Rule” as a guide - Renee explains how to help stakeholders make informed risk/reward decisions - check it out...

March 17, 2022

CEO Blog Series: Microsoft Can’t Protect Themselves—How Will They Protect You?

Still considering Microsoft for your security needs? They issued patches for 234 vulnerabilities in just the first Quarter of 2022: 23 are rated Critical and 10 are zero-days--that’s an average of about 8 Critical vulnerabilities and 3 zero-days per month...

March 16, 2022 / 3 minute read

Malicious Life Podcast: How Resilient Is Our Banking System?

What is the most critical of all critical infrastructure? According to Jeff Engles, it's our Banking and Finance systems - Jeff joins us to discuss the resilience of our financial system and potential worst-case scenarios - check it out…

March 16, 2022

Leveraging the X in XDR: Correlating Across Multiple Sources of Telemetry

One good way to spot pseudo-XDR offerings is to ask the provider if the tool has the ability to ingest and analyze all available telemetry, or if the platform has limitations that require "smart filtering" of some or most of the telemetry...

March 16, 2022 / 3 minute read

Webinar April 5th: Assessing the Cyberattack Risk in the Russia-Ukraine Conflict

Cyberattacks by groups supporting Russian interests have been observed, but experts have noted that we likely have not seen the full potential of a Russian cyber offensive yet. A panel of experts will explore the increased risk stemming from the conflict in Ukraine...

March 16, 2022 / 1 minute read

How to Prevent ‘Out of Memory’ Errors in Java-Based Kubernetes Pods

One way to avoid out-of-memory errors is by configuring metrics and alerts that will tell us the story of our app over time and notify us when something bad may be happening - before it reaches the customer...

March 15, 2022 / 4 minute read

Leveraging Artificial Intelligence to Prevent RansomOps Attacks

Crowdstrike and SentinelOne platforms are forced to filter out critical event telemetry--and while they try to pawn off this deficit as a "feature" by calling it Smart Filtering, eliminating critical telemetry undermines their ability to detect complex RansomOps attacks at the earliest stages...

March 15, 2022 / 4 minute read

Defend Forward: Taking the Fight to the Adversary

Defend Forward means assuming an offensive mindset for proactive defense to disrupt malicious operations earlier...

March 14, 2022 / 2 minute read

Malicious Life Podcast: Crypto AG Part 3 - The Truth is Revealed

This final episode of the series is going to explore how the Crypto AG spying operation was kept secret for over 70 years from governments, military and intelligence services, and even the company’s own personnel - check it out…

March 10, 2022

CISO Stories Podcast: Lessons Learned from Building an ISAC

ISACs were formed to promote the centralized sharing of threat intel within a particular sector. Grant Sewell, Director of Security at AHEAD, shares his experience in working with an ISAC and how this benefited his organization - check it out...

March 10, 2022

Threat Hunting: From LOLBins to Your Crown Jewels

In certain combinations, some chains of behavior represent an advantage to an attacker - your team must be able to differentiate between benign use vs. the abuse of legitimate tools and processes...

March 9, 2022 / 7 minute read

Cybereason XDR: Intelligence-Driven Hunting and Investigation

Threat intelligence is transparently integrated into every aspect of the AI-driven Cybereason XDR Platform to enable Threat Hunting for behavioral TTPs...

March 9, 2022 / 1 minute read

SecOps: Getting Behind the Wheel with XDR

An AI-driven XDR solution enables SecOps teams to embrace an operation-centric approach that delivers the visibility required to halt attack progressions at the earliest stages...

March 9, 2022 / 3 minute read

International Women’s Day: Defenders Share Advice on How to #BreaktheBias

Cybereason is celebrating International Women’s Day and Women’s History Month through education, activities and events, and we invite all Defenders to join us as we work together to #BreaktheBias...

March 8, 2022 / 4 minute read

CEO Blog Series: Our People are the Secret to the Success of Cybereason

Cybereason CEO Lior Div honors Employee Appreciation Day and reflects on the core values of Cybereason and why it's important to appreciate employees 365 days a year.

March 8, 2022 / 2 minute read

Threat Detection: Making the Complicated Simple Again

Consider how much time your business would allow you for an ALLOW or BLOCK decision in the event of a ransomware attack, and then challenge your team to determine if they have the processes and the skills to achieve it...

March 8, 2022 / 4 minute read

The Impact of Ransomware in the Healthcare Sector

Healthcare organizations need to assume that they’ll be hit, and it’s better to be prepared and never be the victim of a ransomware attack than it is to start the process of bolstering defenses after an attack has been successful...

March 8, 2022 / 3 minute read

Cybereason Taps Security Industry Veteran Greg Day as Global Field CISO

Cybereason continues its exponential growth and expansion of the team by welcoming Greg Day to the company as Vice President and Global Field Chief Information Security Officer (CISO) for the EMEA region...

March 8, 2022 / 1 minute read

DFIR Demystified: Understanding Digital Forensics Incident Response

While not needed for every event and every investigation, DFIR (Digital Forensic Incident Response) is an essential component of the modern security toolkit...

March 7, 2022 / 6 minute read

THREAT ALERT: Emotet Targeting Japanese Organizations

The surge of Emotet attacks targeting Japanese organizations in the first quarter of 2022 is a continuation of the earlier Emotet activity, with some changes in the malware deployment process. The Cybereason XDR Platform detects and blocks Emotet malware...

March 7, 2022 / 3 minute read

Malicious Life Podcast: Quantum Cybersecurity

Quantum Computing is a revolutionary technology, but what's the threat posed by Quantum attacks on encryption, and is the first major attack even closer than most of us think? Check it out…

March 7, 2022 /

Cybereason vs. HermeticWiper and IsaacWiper

Sophisticated multi-stage attacks are delivering highly damaging wipers dubbed HermeticWiper and IsaacWiper. The Anti-Malware capability in the Cybereason XDR Platform detects and blocks these destructive wipers...

March 3, 2022 / 2 minute read

Cybereason and MITRE Engenuity Center for Threat-Informed Defense Launch the Attack Flow Project

Cybereason and the MITRE Engenuity Center for Threat-Informed Defense launch the Attack Flow Project to develop a common data format for describing adversary behavior and improve defensive capabilities...

March 3, 2022 / 2 minute read

CISO Stories Podcast: Richard Clarke - Getting the Board on Board with Security

Richard Clarke, who spent several decades serving Presidents of both parties, provides some pragmatic tips for effectively communicating the need to invest in security in terms the Board of Directors can support - check it out...

March 3, 2022 /

XDR is Here: How and Why to Get Started

AI-driven XDR automatically correlates telemetry from across endpoints, data centers, application suites, user identities and more, freeing security teams from the need to constantly triage a flood of non-contextual threat alerts and false positives...

March 2, 2022 / 3 minute read

Cybereason vs. BlackCat Ransomware

BlackCat Ransomware gained notoriety quickly, leaving a trail of destruction behind it; among its recent victims are German oil companies, an Italian luxury fashion brand and a Swiss Aviation company. Cybereason XDR detects and blocks BlackCat Ransomware...

March 1, 2022 / 7 minute read

What’s Next in the Evolution of Complex RansomOps?

Remember, the actual ransomware payload is the tail end of a RansomOps attack, so there are weeks or even months of detectable activity where a ransomware attack can be disrupted before there is serious impact...

March 1, 2022 / 3 minute read

CEO Blog Series: Ukraine Conflict Confirms Russian Cybercrime Connection

Cybereason CEO Lior Div looks at events unfolding with the Russian invasion of Ukraine and what it has revealed about the connection between Russia and the most notorious cybercrime and ransomware gangs...

February 28, 2022 / 2 minute read

Malicious Life Podcast: Crypto AG Part 2 - The Death of Bo Jr.

How did Boris Hagelin succeed in selling compromised cipher machines to half the world over more than 50 years? Was there some kind of backdoor - or was it more clever than that? Check it out…

February 28, 2022 /

How Black History Icon Bessie Coleman Exemplifies Our Core Values

Customer Success Manager Michelle Winters discusses her favorite Black History icon, Bessie Coleman, and how this world-changing leader reflects our Core Values: Daring, UbU, Never Give Up, Ever Evolving, Win As One...

February 24, 2022 / 2 minute read

Two Things Every Zero Trust Initiative Must Have

Achieving Zero Trust requires planetary-scale telemetry and the ability to analyze and correlate it all in real-time - that means Cybereason XDR powered by Google Cloud....

February 24, 2022 / 2 minute read

CISO Stories Podcast: Understanding and Preparing for the Next Log4j

What was the Log4j vulnerability really, what can be done to reduce the risk it poses to organizations, and how can we better prepare for the next Log4j-level event? Benny Lakunishok, CEO of Zero Networks, takes us deeper - check it out...

February 24, 2022 /

Why Telemetry Correlations are Essential to XDR

Most EDRs can’t even handle all the telemetry available from endpoints, so jamming even more data into these tools that can’t actually correlate any of it effectively then trying to pass it off as XDR is simply a fool's errand...

February 23, 2022 / 3 minute read

Three Questions to Ask about Ransomware Preparedness

Organizations need to think strategically and be proactive about ransomware preparedness - here are three questions you should be asking in order to avoid being the victim of a successful RansomOps attack...

February 22, 2022 / 4 minute read

Malicious Life Podcast: Why Do APTs Use Ransomware?

Threat Research lead Assaf Dahan discusses new discoveries about Iranian APTs Moses Staff and Phosphorus that blur the line between state-sponsored attacks and criminal activity - check it out…

February 22, 2022 /

Everything Cybereason at Cybertech Tel Aviv 2022!

Join Cybereason at Cybertech 2022 March 1-3 in Tel Aviv--the cyber ecosystem's foremost networking platform conducting industry-related events all around the globe...

February 22, 2022 / 1 minute read

Shields Up: Is Your Ransomware Protection What It Should Be?

The Cybersecurity and Infrastructure Security Agency (CISA) is warning businesses to prepare for ransomware attacks if Russia invades Ukraine - learn how your organization can be prepared...

February 18, 2022 / 2 minute read

Watch Now: Top CISO Priorities for 2022

What issues should CISOs be prioritizing, and how can they get the most bang for their buck while minimizing risk and maximizing outcomes? Join our panel of esteemed CISOs from multiple industries as they share their perspectives...

February 18, 2022 / 1 minute read

Cybereason Named to 10 Hottest XDR Companies to Watch List for 2022

“Cybereason XDR delivers deep contextual correlations without the need to craft complex syntax queries, which is just one of the many reasons we are seeing rapid adoption of our platform...”

February 17, 2022 / 1 minute read

CISO Stories Podcast: A Cost-Effective Approach to Security Risk Management

How does the CISO establish the value proposition for an investment? Jack Jones, Chief Risk Scientist at RiskLens, discusses using a well-tested risk framework to evaluate the current state of loss exposure - check it out...

February 17, 2022 /

Webinar March 17th 2022: Live Attack Simulation - XDR vs. RansomOps

Join us for a look at top ransomware attack trends we’ll see in 2022, what an attack chain looks like, and the Defender’s view inside our AI-driven Extended Detection and Response...

February 17, 2022 / 1 minute read

Securing Critical Infrastructure with XDR

There is the potential for these attacks to cross the cyber-physical divide by inadvertently or purposefully disrupting crucial systems that govern assets that are vital to the economy, national security, or protecting lives...

February 16, 2022 / 4 minute read

Addressing the Risk from Cyberattacks in the Russia-Ukraine Conflict

While cyberwarfare operations are expected to be leveraged in order to distract, disrupt, and destroy systems critical to Ukraine's defense capabilities locally, there is a high probability that Russian operatives might also target organizations beyond the region...

February 15, 2022 / 3 minute read

Cybereason vs. WhisperGate and HermeticWiper

Ukrainian officials attributed the attack to Russia “preparing the ground” for a military invasion with nasty wipers dubbed WhisperGate and HermeticWiper. Cybereason Anti-Ransomware and Anti-MBR corruption technology detects and blocks WhisperGate and HermeticWiper...

February 15, 2022 / 2 minute read

How to Prevent Ransomware Attacks at the Earliest Stages

This ongoing evolution of complex ransomware operations highlights the need to be strategic with RansomOps defense. Specifically, it underscores the importance of an operation-centric approach to RansomOps prevention...

February 15, 2022 / 4 minute read

Cybereason Partners with EGUARDIAN to Defend Organizations Against Complex Cyberattacks

“With Cybereason, I am confident we will be able to give Sri Lankan enterprises the right tools and technologies to successfully overcome increasing global cyber threats...”

February 14, 2022 / 1 minute read

Malicious Life Podcast: Crypto AG - The Greatest Espionage Operation Ever Part 1

General MacArthur, Egypt's Anwar Sadat, and Iran's Ayatollah Khomeini: these are just a few of the dozens (likely hundreds) of targets in the biggest, most ambitious hacking operation ever - check it out…

February 14, 2022 /

THREAT ANALYSIS REPORT: All Paths Lead to Cobalt Strike - IcedID, Emotet and QBot

The Cybereason GSOC delivers details on three recently observed attack scenarios where fast-moving malicious actors used the malware loaders IcedID, QBot and Emotet to deploy the Cobalt Strike framework on the compromised systems...

February 10, 2022 / 13 minute read

Cybereason Executives Abigail Maines and Stephan Tallent Named 2022 CRN Channel Chiefs

CRN’s annual Channel Chiefs project identifies top IT channel vendor executives who continually demonstrate expertise, influence and innovation in channel leadership...

February 10, 2022 / 2 minute read

CISO Stories Podcast: Creating Security Budget Where There is No Budget

Security departments need to acquire tool after tool over - Kevin Richards walks through a very creative method for getting the budget you need and explains how to leverage the current environment to “find” new sources of funding...

February 10, 2022 /

Cybereason XDR for Cloud Workloads: A New Approach to Cloud Security

Cybereason XDR for Cloud Workloads secures cloud workloads, containers and hosts at unparalleled speed and scale...

February 9, 2022 / 2 minute read

Debunking Three Common Misconceptions about XDR

An AI-driven XDR solution provides Defenders with the ability to predict, detect and respond to cyberattacks across the entire enterprise network, including endpoints, identities, the cloud, application suites and more...

February 9, 2022 / 4 minute read

Webinar March 9th 2022: Protecting Containers at Runtime with Cybereason XDR for Cloud Workloads

Learn how Cybereason XDR for Cloud Workloads delivers prevention, detection and response capabilities to defend cloud workloads and containers at runtime...

February 9, 2022 / 1 minute read

Cybereason vs. Lorenz Ransomware

Prior to the deployment of the Lorenz ransomware, the attackers attempt to infiltrate and move laterally throughout the organization, carrying out a fully-developed RansomOps attack - the Cybereason XDR Platform fully detects and prevents the Lorenz ransomware...

February 8, 2022 / 7 minute read

Financial Services and the Evolving Ransomware Threat

Attackers’ interest in targeting financial institutions aligns with larger trends that are shaping the ransomware threat landscape, like the increasing complexity of some ransomware operations–or RansomOps...

February 8, 2022 / 3 minute read

Webinar February 24th 2022: Live Attack Simulation - Ransomware Threat Hunter Series

Learn how mature security teams effectively counter modern ransomware operations (RansomOps) and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of a ransomware attack...

February 8, 2022 / 1 minute read

Malicious Life Podcast: Why Aren't SMBs Investing in Cybersecurity?

Attacks against Small-to-Medium size businesses (SMBs) account for 40% to 50% of all data breaches. Josh Ablett, founder and CISO of Adelia Risk, discusses security for SMBs - spoiler: it's not a pretty picture - check it out…

February 7, 2022 /

Iranian Threat Actors Turn Up Heat on Cyber Cold War

Cybereason CEO Lior Div highlights new research on Iranian threat actors and how attacks blend nation-state adversary and cybercrime threat actor tactics and motives...

February 4, 2022 / 2 minute read

Responding to Multi-Endpoint Threats with XDR

The Cybereason XDR Platform provides a unified view of your endpoints, allowing analysts to quickly remediate complex threats across multiple machines...

February 4, 2022 / 1 minute read

Employee Spotlight: Developing a Unified Security Platform

The Cybereason XDR Platform quickly detects chains of behavior that are either rare or present a strategic advantage to an attacker, allowing analysts to stop attacks before they cause damage...

February 3, 2022 / 4 minute read

CISO Stories Podcast: Do It Internally or Hire a Consultant?

When a particular skill is needed that is not available, what do you do? Should you hire someone externally or bring in a consultant? CISO John Iatonna discusses his experience in making these tough decisions - check it out...

February 3, 2022 /

How Cybereason XDR Supports Zero Trust Initiatives

Cybereason XDR addresses the five core pillars of Zero Trust: device, identity, network, application workload and data...

February 2, 2022 / 3 minute read

XDR: The Key to Empowering Your SOC

XDR can evolve with the changing threat landscape, can allow complex attack operations to be identified at the earliest stages, and can automate responses for a faster mean time to remediation at scale...

February 2, 2022 / 3 minute read

Cybereason XDR: Achieving 10X Reduction in False Positives

The Cybereason MalOp detection engine identifies malicious behaviors with extremely high confidence levels, reducing false positives by a factor of 10...

February 2, 2022 / 2 minute read

StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations

Cybereason discovered an undocumented RAT dubbed StrifeWater attributed to Iranian APT Moses Staff who deploy destructive ransomware following network infiltration and the exfiltration of sensitive data...

February 1, 2022 / 7 minute read

PowerLess Trojan: Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage

Cybereason discovered a new toolset developed by Iranian APT Phosphorus which revealed a connection to Memento ransomware and includes the newly discovered PowerLess Backdoor that evades detection by running PowerShell in a .NET context...

February 1, 2022 / 8 minute read

Malicious Life Podcast: The Bloody Origins of Israel's Cybersecurity Industry

In this episode, we go back to the Yom Kippur War of 1973 to discover how a national trauma and an intelligence failure paved the way for Israel to become a cybersecurity mini-empire - check it out…

January 31, 2022 /

CISO Stories Podcast: Designing a Shared Vision with IT and the Business

The locus of control has been slipping away from IT teams - and by default Security teams. Scott King, CISO at Encore Capital Group joins the podcast to discuss strategies to remain agile in the face of rapid change - check it out...

January 27, 2022 /

Employee Spotlight: On Values and Culture at Cybereason

"When I first joined, I heard about the 'Defender' concept so much I almost felt skeptical, but the Defender vibe is real, it’s in the DNA of the company - the people here really believe in what we do..."

January 26, 2022 / 3 minute read

The Fog of Cyberwar

As tensions escalate between Russia and the United States over the situation in Ukraine, it is more important than ever for Defenders to be prepared to protect against cyberattacks...

January 25, 2022 / 2 minute read

Three Reasons XDR Should Drive Your Security Strategy

Security teams are short-staffed, network complexity continues to increase and the cost of data breaches is growing - XDR offers an opportunity to reverse these trends and more...

January 25, 2022 / 4 minute read

The Private Infrastructure Security Renaissance

Although it seems counterintuitive and a throwback to Enterprise IT setups from nearly a decade ago, private infrastructure is in a Renaissance period...

January 24, 2022 / 3 minute read

Ten of the Biggest Ransomware Attacks of 2021

Researchers estimated there would be about 714 million ransomware attacks by the end of 2021, a 134% year-over-year increase from 2020. Let’s take a moment now to examine ten of the biggest ransomware attacks of 2021...

January 24, 2022 / 4 minute read

Malicious Life Podcast: Hacker Highschool

Pete Herzog, co-founder of ISECOM and Hacker Highschool, wants our kids to learn about cybersecurity - especially the more advanced stuff like security analysis and hacking - check it out...

January 24, 2022 /

Cybereason XDR: 10X Faster Threat Hunting

Cybereason XDR connects the dots between seemingly disparate or innocuous events to power 10X improvements in threat hunting...

January 20, 2022 / 3 minute read

CISO Stories Podcast: Moving to the Cloud? Don’t Forget Hardware Security

Steve Orrin, Federal CTO at Intel, joins the podcast to discuss approaches to remaining compliant with the various laws when moving to the cloud - check it out...

January 20, 2022 /

Five Ransomware Myths that Leave Businesses Vulnerable

Remember, the actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks to months of detectable activity prior to the payload where an attack can be intercepted...

January 19, 2022 / 5 minute read

Evaluating Open XDR vs. Native XDR

Open XDR can leverage multiple security tools, vendors and telemetry types, all integrated into a single detection and response platform that centralizes behavior analysis...

January 19, 2022 / 3 minute read

Employee Spotlight: On Becoming a Defender at Cybereason

"My focus is on our North American partners - I empower them to provide a solution that gives their customers the desired outcomes and protect their environments, companies, and livelihoods..."

January 19, 2022 / 4 minute read

Webinar February 3rd 2022: Live Attack Simulation - Ransomware Threat Hunter Series

Understand how mature security teams effectively counter modern ransomware operations and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of an attack...

January 19, 2022 / 1 minute read

Malicious Life Podcast: The Mystery of Cicada 3301

A cryptic message posted on 4Chan in January 2012 started thousands of crypto-lovers competing to be the first to crack the puzzles created by the mysterious Cicada 3301. Who is Cicada3301, and what are their goals? Check it out...

January 18, 2022 /

Cybereason Launches ‘Pay As You Grow’ Program to Nurture Managed Security Services Partners

The PAYG program for Managed Security Services Providers (MSSPs) provides the most trusted solution providers with financial flexibility to increase their margins and profitability...

January 18, 2022 / 1 minute read

New Year, Same Old Microsoft Issues

The New Year is a clean slate and an opportunity to be better than the year before, but Microsoft kicked off 2022 with 97 new security updates, including 6 zero-day vulnerabilities.

January 14, 2022 / 2 minute read

Ukraine Government and Embassy Websites Attacked

Government and embassy websites in Ukraine were defaced in a broad attack that could lead to an escalation of tension as Russia continues to mass military power on the border.

January 14, 2022 / 2 minute read

The MalOp Severity Score: Because Every Second Counts

Cybereason MDR leverages a technology called the MalOp Severity Score (MOSS), which enables security teams to conduct lightning-quick triage and remediation...

January 14, 2022 / 2 minute read

CISO Stories Podcast: Privacy Hunger Games - Change the Rules

Organizations may be leaking information without proper procedures in place - CCO/CPO Samantha Thomas explains how she changed this and the law in the process - check it out...

January 13, 2022 /

Employee Spotlight: On Defending Clients and Promoting Growth

There’s a real community here. We’re all working toward a common goal and with a shared mission: to help businesses stop being targets, to help people do business without getting hacked or falling victim to ransomware...

January 13, 2022 / 4 minute read

Achieve 10X Faster Response Time with Cybereason XDR

Cybereason XDR delivers an operation-centric approach to security that enables analysts of all skill levels to quickly understand an attack without crafting complicated queries...

January 12, 2022 / 3 minute read

EDR, MDR and XDR – What Are the Differences?

Shortcomings in traditional tools explain why XDR is generating a lot of buzz - it extends the capabilities of EDR beyond endpoints to an organization’s cloud workloads, application suites, and user personas...

January 12, 2022 / 4 minute read

Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike

After exploitation of ProxyShell, attackers used Exchange to distribute phishing emails with the QBot payload and DatopLoader, a loader previously used to distribute the Cobalt Strike malware...

January 11, 2022 / 10 minute read

The State of Ransomware in the Public Sector

Things escalated even further in June of 2021, when public sector entities experienced 10 times as many ransomware attempts as organizations in other sectors, an increase of 917% year over year...

January 11, 2022 / 3 minute read

FBI Warns US Companies to Avoid Malicious USB Devices

The FBI issued a warning following a string of attacks allegedly by the FIN7 cybercrime group involving sending malicious USB thumb drives to targets...

January 10, 2022 / 3 minute read

Malicious Life Podcast: How the Internet Changed the NSA

Jeff Man was one of the first people at the NSA to make the transition from hardware to software, and he shares with us his experiences from that period - check it out…

January 10, 2022 /

Building Enterprise Immunity with XDR

Robust protection mechanisms are not as binary as saying “good file” and “bad file” or “good user” and “bad user.” You must understand the interactions between malicious actors (or even suspicious actors) and your environment...

January 10, 2022 / 2 minute read

Cybereason XDR: 10X Productivity Boost From Unified Investigations

Explore two common attacks that illustrate the benefit of the Cybereason operation-centric approach: A 10X productivity boost from unified investigations...

January 7, 2022 / 3 minute read

CISO Stories Podcast: Server Room to War Room - Enterprise Incident Response

Dawn-Marie Hutchinson, CISO at BAT, has navigated organizations during crises with a “play like you practice” Incident Response approach - check it out...

January 6, 2022 /

Automating the “R” in Your XDR Strategy

Advanced XDR doesn’t rely on a flood of non-contextual threat alerts from across disparate assets, but instead delivers deep context and correlations between assets to detect sooner and automates responses to mitigate faster...

January 5, 2022 / 5 minute read

Cybereason Nabs Three ‘Built In Boston's Best Places to Work 2022’ Awards

Cybereason named to three Built in Boston’s Best Places to Work lists for 2022: Boston Best Places to Work, Boston Best Paying Companies, and Boston Best Large Companies to Work For...

January 5, 2022 / 2 minute read

Malicious Life Podcast: Does Code === Free Speech?

When the FBI asked Apple to write code that would give the FBI access to a suspect's iPhone, Apple refused, arguing it violates the First Amendment - check it out…

January 4, 2022 /

A ‘NEW’ Cybersecurity Philosophy for the New Year

The end of 2021 feels like a repeat of the end of 2020. Cybereason CEO Lior Div outlines why we need a new philosophy for the cybersecurity challenges in 2022.

December 31, 2021 / 2 minute read

CISO Stories Podcast: Key Issues to Cover for Today's CISOs

CISO Leon Ravenna dives into cyber insurance and why D&O requirements may be on the horizon, regulatory burdens and what to expect out of the US Government, how the intersection of Security and Privacy is impacting CISOs...

December 29, 2021 /

Malicious Life Podcast: Logout4Shell - A Digital Vaccine for Log4Shell

Yonatan Striem-Amit, CTO & Co-Founder of Cybereason, discusses the Log4j vulnerability and the unusual vaccine dubbed Logout4Shell that uses the Log4Shell exploit to close the vulnerability - check it out…

December 27, 2021 /

Cybereason Named ‘Highest-Rated Cloud Computing Company to Work For’ by Battery Ventures

Cybereason was recognized for high employee satisfaction, good company culture, high ratings of senior leadership, exceptional company performance and the ability to attract and retain talent...

December 23, 2021 / 2 minute read

Cybereason Partners with M.Tech to Strengthen Organizations’ Cybersecurity

Cybereason has partnered with M.Tech to provide organizations the ability to predict, detect and respond to cyberattacks at planetary scale and maximum speed...

December 23, 2021 / 2 minute read

CISO Stories Podcast: Model-Driven Security Leveraging Data Science

Jim Routh joins the podcast to discuss his experience around creating over 300 models using data science, machine learning and automated incident response to bolster the security posture for a large commercial organization - check it out...

December 22, 2021 /

History’s Most Notorious Ransomware Gangs

The actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks or even months of detectable activity prior to the payload delivery where an attack can be intercepted proactively...

December 21, 2021 / 3 minute read

Malicious Life Podcast: Shawn Carpenter - A Cyber Vigilante

Shawn Carpenter - an employee of Sandia National Laboratory - was at a crossroads: should he ignore a Chinese attack against U.S. targets as his superiors ordered him to do, or continue investigating the case on his own? Check it out…

December 20, 2021 /

The First True XDR Solution

Cybereason CEO Lior Div reflects on the events of this past week, including DefenderCon and the launch of Cybereason XDR powered by Google Cloud.

December 17, 2021 / 2 minute read

UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

Cybereason researchers have released an updated “vaccine” with a permanent mitigation option for the Log4Shell vulnerabilities (CVE-2021-44228 and CVE-2021-45046) which is freely available on GitHub and relatively simple to implement...

December 17, 2021 / 4 minute read

THREAT ANALYSIS REPORT: Inside the LockBit Arsenal - The StealBit Exfiltration Tool

This report provides analysis on the evolution of configuration and implementation aspects of the StealBit malware developed by the LockBit ransomware group to exfiltrate sensitive data from targets for double extortion purposes…

December 16, 2021 / 20 minute read

The Definitive Guide to Extended Detection and Response (XDR)

The Definitive Guide to Achieving 10X the Security Results Without 10X the Work is for security leaders who are seeking answers to how XDR can help them address the most pressing operational and business challenges facing cybersecurity teams...

December 16, 2021 / 1 minute read

CISO Stories Podcast: CISOs Need Training Too

How does the CISO ensure that the proper skills are maintained to continue to lead the security organization? ISSA President Candy Alexander joins the podcast to discuss how CISOs can stay on top of their game - check it out...

December 16, 2021 /

How Cybereason Detects and Prevents Exploits Leveraging Log4Shell Vulnerability

In this interactive demo, see the AI-driven Cybereason XDR Platform detect and block an attacker attempting to compromise a Tomcat server with a Log4Shell exploit to deploy a malicious webshell...

December 15, 2021 / 2 minute read

AI-Driven Cybereason XDR and EDR Now Available on Google Cloud Marketplace

Google Cloud customers can now protect their organizations from sophisticated cyberattacks with the availability of the Cybereason XDR and EDR solutions on the Google Cloud Marketplace...

December 15, 2021 / 2 minute read

Introducing Cybereason XDR Powered by Google Cloud

Cybereason and Google Cloud have unveiled Cybereason XDR powered by Google Cloud, the first AI-driven XDR platform capable of ingesting and analyzing threat data from across the entire IT environment...

December 14, 2021 / 3 minute read

Security Industry Innovator Art Coviello Joins Cybereason Board of Directors

Coviello will provide strategic guidance as Cybereason continues its hypergrowth trajectory following a recent $325 million Series F funding round...

December 13, 2021 / 1 minute read

Malicious Life Podcast: Ransomware Attackers Don’t Take Holidays

Ken Westin, Director of Security Strategy, discusses the findings in the recent report "Organizations at Risk: Ransomware Attackers Don’t Take Holidays" - including why ransomware attacks today are so effective and dangerous - check it out...

December 13, 2021 /

Cybereason Solutions Are Not Impacted by Apache Log4j Vulnerability (CVE-2021-44228)

Cybereason has completed verification that the Apache Log4j vulnerability (CVE-2021-44228) does not affect any Cybereason products or services...

December 10, 2021 / 1 minute read

Cybereason Extends Feature Support for Linux

Cybereason is proud to announce that we now support Endpoint Controls for Linux...

December 10, 2021 / 1 minute read

Webinar January 11th 2022: Live Attack Simulation - Ransomware Threat Hunter Series

Learn how mature security teams effectively counter a modern ransomware operation and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of an attack...

December 10, 2021 / 1 minute read

THREAT ALERT: The Return of Emotet

Since the first Twitter post about this most recent discovery, the team at G DATA and the Cybereason SOC team have seen multiple Emotet samples in the wild, particularly between November 21-23, confirming that Emotet is reemerging...

December 9, 2021 / 3 minute read

CISO Stories Podcast: No Senior Management Buy-In - No Success

Are you reporting the same risks each year? This may be due to a lack of buy-in from senior management - Chris Apgar joins the podcast to discuss how to show that funding security initiatives is more than just risk avoidance - check it out...

December 9, 2021 /