Employee Spotlight: On Values and Culture at Cybereason

"When I first joined, I heard about the 'Defender' concept so much I almost felt skeptical, but the Defender vibe is real, it’s in the DNA of the company - the people here really believe in what we do..."

January 26, 2022 / 3 minute read

The Fog of Cyberwar

As tensions escalate between Russia and the United States over the situation in Ukraine, it is more important than ever for Defenders to be prepared to protect against cyberattacks.

January 25, 2022 / 2 minute read

Three Reasons XDR Should Drive Your Security Strategy

Security teams are short-staffed, network complexity continues to increase and the cost of data breaches is growing - XDR offers an opportunity to reverse these trends and more...

January 25, 2022 / 4 minute read

The Private Infrastructure Security Renaissance

Although it seems counterintuitive and a throwback to Enterprise IT setups from nearly a decade ago, private infrastructure is in a Renaissance period...

January 24, 2022 / 3 minute read

Ten of the Biggest Ransomware Attacks of 2021

Researchers estimated there would be about 714 million ransomware attacks by the end of 2021, a 134% year-over-year increase from 2020. Let’s take a moment now to examine ten of the biggest ransomware attacks of 2021...

January 24, 2022 / 4 minute read

Malicious Life Podcast: Hacker Highschool

Pete Herzog, co-founder of ISECOM and Hacker Highschool, wants our kids to learn about cybersecurity - especially the more advanced stuff like security analysis and hacking - check it out...

January 24, 2022

Cybereason XDR: 10X Faster Threat Hunting

Cybereason XDR connects the dots between seemingly disparate or innocuous events to power 10X improvements in threat hunting...

January 20, 2022 / 3 minute read

CISO Stories Podcast: Moving to the Cloud? Don’t Forget Hardware Security

Steve Orrin, Federal CTO at Intel, joins the podcast to discuss approaches to remaining compliant with the various laws when moving to the cloud - check it out...

January 20, 2022

Five Ransomware Myths that Leave Businesses Vulnerable

Remember, the actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks to months of detectable activity prior to the payload where an attack can be intercepted...

January 19, 2022 / 5 minute read

Evaluating Open XDR vs. Native XDR

Open XDR can leverage multiple security tools, vendors and telemetry types, all integrated into a single detection and response platform that centralizes behavior analysis...

January 19, 2022 / 3 minute read

Employee Spotlight: On Becoming a Defender at Cybereason

"My focus is on our North American partners - I empower them to provide a solution that gives their customers the desired outcomes and protect their environments, companies, and livelihoods..."

January 19, 2022 / 4 minute read

Webinar February 3rd 2022: Live Attack Simulation - Ransomware Threat Hunter Series

Understand how mature security teams effectively counter modern ransomware operations and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of an attack...

January 19, 2022 / 1 minute read

Malicious Life Podcast: The Mystery of Cicada 3301

A cryptic message posted on 4Chan in January 2012 started thousands of crypto-lovers competing to be the first to crack the puzzles created by the mysterious Cicada 3301. Who is Cicada3301, and what are their goals? Check it out...

January 18, 2022

Cybereason Launches ‘Pay As You Grow’ Program to Nurture Managed Security Services Partners

The PAYG program for Managed Security Services Providers (MSSPs) provides the most trusted solution providers with financial flexibility to increase their margins and profitability...

January 18, 2022 / 1 minute read

New Year, Same Old Microsoft Issues

The New Year is a clean slate and an opportunity to be better than the year before, but Microsoft kicked off 2022 with 97 new security updates, including 6 zero-day vulnerabilities.

January 14, 2022 / 2 minute read

Ukraine Government and Embassy Websites Attacked

Government and embassy websites in Ukraine were defaced in a broad attack that could lead to an escalation of tension as Russia continues to mass military power on the border.

January 14, 2022 / 2 minute read

The MalOp Severity Score: Because Every Second Counts

Cybereason MDR leverages a technology called the MalOp Severity Score (MOSS), which enables security teams to conduct lightning-quick triage and remediation...

January 14, 2022 / 2 minute read

CISO Stories Podcast: Privacy Hunger Games - Change the Rules

Organizations may be leaking information without proper procedures in place - CCO/CPO Samantha Thomas explains how she changed this and the law in the process - check it out...

January 13, 2022

Employee Spotlight: On Defending Clients and Promoting Growth

There’s a real community here. We’re all working toward a common goal and with a shared mission: to help businesses stop being targets, to help people do business without getting hacked or falling victim to ransomware...

January 13, 2022 / 4 minute read

Achieve 10X Faster Response Time with Cybereason XDR

Cybereason XDR delivers an operation-centric approach to security that enables analysts of all skill levels to quickly understand an attack without crafting complicated queries...

January 12, 2022 / 3 minute read

EDR, MDR and XDR – What Are the Differences?

Shortcomings in traditional tools explain why XDR is generating a lot of buzz - it extends the capabilities of EDR beyond endpoints to an organization’s cloud workloads, application suites, and user personas...

January 12, 2022 / 4 minute read

Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike

After exploitation of ProxyShell, attackers used Exchange to distribute phishing emails with the QBot payload and DatopLoader, a loader previously used to distribute the Cobalt Strike malware...

January 11, 2022 / 10 minute read

The State of Ransomware in the Public Sector

Things escalated even further in June of 2021, when public sector entities experienced 10 times as many ransomware attempts as organizations in other sectors, an increase of 917% year over year...

January 11, 2022 / 3 minute read

FBI Warns US Companies to Avoid Malicious USB Devices

The FBI issued a warning following a string of attacks allegedly by the FIN7 cybercrime group involving sending malicious USB thumb drives to targets...

January 10, 2022 / 3 minute read

Malicious Life Podcast: How the Internet Changed the NSA

Jeff Man was one of the first people at the NSA to make the transition from hardware to software, and he shares with us his experiences from that period - check it out…

January 10, 2022

Building Enterprise Immunity with XDR

Robust protection mechanisms are not as binary as saying “good file” and “bad file” or “good user” and “bad user.” You must understand the interactions between malicious actors (or even suspicious actors) and your environment...

January 10, 2022 / 2 minute read

Cybereason XDR: 10X Productivity Boost From Unified Investigations

Explore two common attacks that illustrate the benefit of the Cybereason operation-centric approach: A 10X productivity boost from unified investigations...

January 7, 2022 / 3 minute read

CISO Stories Podcast: Server Room to War Room - Enterprise Incident Response

Dawn-Marie Hutchinson, CISO at BAT, has navigated organizations during crises with a “play like you practice” Incident Response approach - check it out...

January 6, 2022

Automating the “R” in Your XDR Strategy

Advanced XDR doesn’t rely on a flood of non-contextual threat alerts from across disparate assets, but instead delivers deep context and correlations between assets to detect sooner and automates responses to mitigate faster...

January 5, 2022 / 5 minute read

Cybereason Nabs Three ‘Built In Boston's Best Places to Work 2022’ Awards

Cybereason named to three Built in Boston’s Best Places to Work lists for 2022: Boston Best Places to Work, Boston Best Paying Companies, and Boston Best Large Companies to Work For...

January 5, 2022 / 2 minute read

Malicious Life Podcast: Does Code === Free Speech?

When the FBI asked Apple to write code that would give the FBI access to a suspect's iPhone, Apple refused, arguing it violates the First Amendment - check it out…

January 4, 2022

A ‘NEW’ Cybersecurity Philosophy for the New Year

The end of 2021 feels like a repeat of the end of 2020. Cybereason CEO Lior Div outlines why we need a new philosophy for the cybersecurity challenges in 2022.

December 31, 2021 / 2 minute read

CISO Stories Podcast: Key Issues to Cover for Today's CISOs

CISO Leon Ravenna dives into cyber insurance and why D&O requirements may be on the horizon, regulatory burdens and what to expect out of the US Government, how the intersection of Security and Privacy is impacting CISOs...

December 29, 2021

Malicious Life Podcast: Logout4Shell - A Digital Vaccine for Log4Shell

Yonatan Striem-Amit, CTO & Co-Founder of Cybereason, discusses the Log4j vulnerability and the unusual vaccine dubbed Logout4Shell that uses the Log4Shell exploit to close the vulnerability - check it out…

December 27, 2021

Cybereason Named ‘Highest-Rated Cloud Computing Company to Work For’ by Battery Ventures

Cybereason was recognized for high employee satisfaction, good company culture, high ratings of senior leadership, exceptional company performance and the ability to attract and retain talent...

December 23, 2021 / 2 minute read

Cybereason Partners with M.Tech to Strengthen Organizations’ Cybersecurity

Cybereason has partnered with M.Tech to provide organizations the ability to predict, detect and respond to cyberattacks at planetary scale and maximum speed...

December 23, 2021 / 2 minute read

CISO Stories Podcast: Model-Driven Security Leveraging Data Science

Jim Routh joins the podcast to discuss his experience around creating over 300 models using data science, machine learning and automated incident response to bolster the security posture for a large commercial organization - check it out...

December 22, 2021

History’s Most Notorious Ransomware Gangs

The actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks or even months of detectable activity prior to the payload delivery where an attack can be intercepted proactively...

December 21, 2021 / 3 minute read

Malicious Life Podcast: Shawn Carpenter - A Cyber Vigilante

Shawn Carpenter - an employee of Sandia National Laboratory - was at a crossroads: should he ignore a Chinese attack against U.S. targets as his superiors ordered him to do, or continue investigating the case on his own? Check it out…

December 20, 2021

The First True XDR Solution

Cybereason CEO Lior Div reflects on the events of this past week, including DefenderCon and the launch of Cybereason XDR powered by Google Chronicle.

December 17, 2021 / 2 minute read

UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

Cybereason researchers have released an updated “vaccine” with a permanent mitigation option for the Log4Shell vulnerabilities (CVE-2021-44228 and CVE-2021-45046), which is freely available on GitHub and relatively simple to implement...

December 17, 2021 / 4 minute read

THREAT ANALYSIS REPORT: Inside the LockBit Arsenal - The StealBit Exfiltration Tool

This report provides analysis on the evolution of configuration and implementation aspects of the StealBit malware developed by the LockBit ransomware group to exfiltrate sensitive data from targets for double extortion purposes…

December 16, 2021 / 20 minute read

The Definitive Guide to Extended Detection and Response (XDR)

The Definitive Guide to Achieving 10X the Security Results Without 10X the Work is for security leaders who are seeking answers to how XDR can help them address the most pressing operational and business challenges facing cybersecurity teams...

December 16, 2021 / 1 minute read

CISO Stories Podcast: CISOs Need Training Too

How does the CISO ensure that the proper skills are maintained to continue to lead the security organization? ISSA President Candy Alexander joins the podcast to discuss how CISOs can stay on top of their game - check it out...

December 16, 2021

How Cybereason Detects and Prevents Exploits Leveraging Log4Shell Vulnerability

In this interactive demo, see the AI-driven Cybereason XDR Platform detect and block an attacker attempting to compromise a Tomcat server with a Log4Shell exploit to deploy a malicious webshell...

December 15, 2021 / 2 minute read

AI-Driven Cybereason XDR and EDR Now Available on Google Cloud Marketplace

Google Cloud customers can now protect their organizations from sophisticated cyberattacks with the availability of the Cybereason XDR and EDR solutions on the Google Cloud Marketplace...

December 15, 2021 / 2 minute read

Introducing Cybereason XDR Powered by Google Chronicle

Cybereason and Google Cloud have unveiled Cybereason XDR powered by Google Chronicle, the first AI-driven XDR platform capable of ingesting and analyzing threat data from across the entire IT environment...

December 14, 2021 / 3 minute read

Security Industry Innovator Art Coviello Joins Cybereason Board of Directors

Coviello will provide strategic guidance as Cybereason continues its hypergrowth trajectory following a recent $325 million Series F funding round...

December 13, 2021 / 1 minute read

Malicious Life Podcast: Ransomware Attackers Don’t Take Holidays

Ken Westin, Director of Security Strategy, discusses the findings in the recent report "Organizations at Risk: Ransomware Attackers Don’t Take Holidays" - including why ransomware attacks today are so effective and dangerous - check it out...

December 13, 2021

Cybereason Solutions Are Not Impacted by Apache Log4j Vulnerability (CVE-2021-44228)

Cybereason has completed verification that the Apache Log4j vulnerability (CVE-2021-44228) does not affect any Cybereason products or services...

December 10, 2021 / 1 minute read

Cybereason Extends Feature Support for Linux

Cybereason is proud to announce that we now support Endpoint Controls for Linux...

December 10, 2021 / 1 minute read

Webinar January 11th 2022: Live Attack Simulation - Ransomware Threat Hunter Series

Learn how mature security teams effectively counter a modern ransomware operation and avoid a system-wide takeover by bad actors - all delivered through a step-by-step walkthrough of an attack...

December 10, 2021 / 1 minute read

THREAT ALERT: The Return of Emotet

Since the first Twitter post about this most recent discovery, the team at G DATA and the Cybereason SOC team have seen multiple Emotet samples in the wild, particularly between November 21-23, confirming that Emotet is reemerging...

December 9, 2021 / 3 minute read

CISO Stories Podcast: No Senior Management Buy-In - No Success

Are you reporting the same risks each year? This may be due to a lack of buy-in from senior management - Chris Apgar joins the podcast to discuss how to show that funding security initiatives is more than just risk avoidance - check it out...

December 9, 2021

Cybereason Taps Former Dyson CISO CK Chim as Field CSO to Support APAC Expansion

“I am incredibly impressed with not only Cybereason’s rapid expansion across the Asia Pacific region, but their operation-centric security approach to helping defenders by providing future-ready attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves...”

December 9, 2021 / 1 minute read

Leveraging the XDR Advantage in the Midst of a Pandemic

If a security provider’s EDR can’t handle all the endpoint telemetry required to detect and end attacks faster and more efficiently, you can be sure their XDR platform suffers similar limitations...

December 8, 2021 / 3 minute read

Ransomware by the Numbers – An Impact Overview

Despite the significant impact ransomware attacks have on organizations, most simply are not prepared to defend against them even if their organization has already suffered a successful ransomware attack...

December 7, 2021 / 4 minute read

Under the Hood: What Artificial Intelligence on the Endpoint Looks Like

Predictive Ransomware Protection, a revolutionary AI-based endpoint protection solution, detects attacks at the earliest stages in real-time by bringing artificial intelligence to each and every endpoint...

December 6, 2021 / 3 minute read

Malicious Life Podcast: Tay: A Teenage Bot Gone Rogue

Microsoft Tay could tweet, answer questions and even make its own memes - but within mere hours of going live, Tay began outputting racist, anti-Semitic and misogynist tweets - check it out...

December 6, 2021

Cl0p Ransomware Gang Tries to Topple the House of Cards

Cybereason CEO Lior Div provides insight on the recent attack from the Cl0p ransomware gang and the potential implications for the upcoming holiday season...

December 3, 2021 / 2 minute read

Planned Parenthood Ransomware Attack Has Far Reaching Implications

As profits for ransomware gangs and affiliates soar, cybercriminal entrepreneurs have become more brazen in their attacks - in this case, the exposure of this sensitive data could have a significantly larger impact than holding the data at ransom...

December 2, 2021 / 2 minute read

Lives at Risk from Planned Parenthood Ransomware Attack

The Los Angeles branch of Planned Parenthood was hit with a ransomware attack that risks exposing sensitive and potentially life-threatening information on 400,000 patients...

December 2, 2021 / 3 minute read

CISO Stories Podcast: Skills I Needed to be a First-Time CISO

Infosec skills don’t necessarily transfer to CISO skills, but CISO skills are 100% transferable to your infosec career - Richard Kaufmann, VP/CISO at Amedisys, discusses how growth begins outside of your comfort zone...

December 2, 2021

Cybereason Partners with SiS International to Protect Joint Customers in Hong Kong

As a renowned value added distributor in Hong Kong, SiS will play a significant role in expanding Cybereason’s partner ecosystem by working with resellers and MSSPs to offer the Cybereason Defense Platform and services...

December 2, 2021 / 1 minute read

Join Us for DefenderCon 2021!

Join us on December 14 for DefenderCon 2021 to be among the first to learn about Cybereason's cutting-edge security solutions and network with your peers throughout the world...

December 1, 2021 / 1 minute read

Ransomware Underscores Need for Layered, Predictive Defenses

Cybereason prevents ransomware before escalation and includes the ability to restore encrypted files to their previously unencrypted state as a final layer of defense against ransomware operations...

December 1, 2021 / 4 minute read

AI/ML Powered Automation: The Future of Cybersecurity at Scale

The Cybereason Defense Platform leverages multiple layers of AI/ML analysis to quickly identify malicious chains of behavior, never before seen malware strains, complex ransomware attack sequences and other digital threats...

December 1, 2021 / 4 minute read

New Cybereason Features Advance Prevention, Detection and Response

Cybereason has released some feature updates to bring additional functionalities that drastically improve how defenders can predictively prevent, detect and respond to known and emerging threats...

November 30, 2021 / 2 minute read

A Brief History of Ransomware Evolution

There have been over 200 ransomware attacks that have made headlines in 2021 so far - to understand how we got here, let's look at how the ransomware threat has evolved over the years...

November 30, 2021 / 5 minute read

Malicious Life Podcast: Wild West Hackin' Fest

Black Hills Infosec founder John Strand discusses The Wild West Hackin’ Fest - a unique security conference that emphasizes diversity and lowering the barriers to entering the world of security...

November 29, 2021

Webinar December 1st: Ransomware Attackers Don’t Take Holidays

Join us for this live webinar as we delve into new research findings about the risk to organizations from ransomware attacks that occur on weekends and holidays and how you can better prepare to defend against them...

November 29, 2021 / 1 minute read

CISO Stories Podcast: Which Approach Wins - Compliance or Risk?

Regulations provide the necessary motivation for many organizations to implement security controls that may not otherwise be present, but is this enough? Is it really security?

November 24, 2021

Which Data Do Ransomware Attackers Target for Double Extortion?

The double extortion tactic is very effective because it undermines ransomware recovery strategies that rely on data backups - with double extortion the options for organizations become more limited...

November 23, 2021 / 4 minute read

Malicious Life Podcast: Inside Operation Flyhook Part 2

To capture Alexey Ivanov and his business partner and bring them to justice, the FBI created an elaborate ruse: a fake company named Invita, complete with a fake website and a fake office building - check it out...

November 22, 2021

Dear Defenders

This letter to defenders from Cybereason CEO Lior Div reflects on the state of cybersecurity and what defenders need to be prepared for in the year ahead.

November 19, 2021 / 5 minute read

CISO Stories Podcast: Who is Your SOC Really For?

How do you increase the effectiveness of a Security Operations Center (SOC) and share this information across the organization for greater efficiency and adoption? Ricardo Lafosse, CISO at Kraft Heinz, explains - check it out...

November 18, 2021

Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays

The research findings highlight a disconnect between the risk ransomware poses to organizations during these off-hour periods and their preparedness to respond during weekends and into the holiday season...

November 17, 2021 / 4 minute read

Predictive Ransomware Protection: The Key to Ending a Global Crisis

Predictive prevention means that Cybereason stops ransomware with the highest degree of confidence based on subtle behaviors and attacker activity - we automatically see what others miss and infer the attacker’s next move without manual intervention...

November 17, 2021 / 3 minute read

Cybereason Partners with Moviri to Deliver Operation-Centric Security

Cybereason is joining forces with Moviri to deliver the industry-leading Cybereason Endpoint Detection and Response (EDR) solution to joint customers...

November 17, 2021 / 1 minute read

RansomOps™: Detecting Complex Ransomware Operations

Remember, the ransomware payload is the tail end of a RansomOps attack, and there are weeks or months of detectable activity prior where an attack can be arrested before there is impact to the target...

November 16, 2021 / 3 minute read

Malicious Life Podcast: Inside IP/BGP Hijacking

In 2016 communications between Canada and Korea were hijacked, and in 2017 traffic from Sweden and Norway was also hijacked - all routed to China. What is IP/BGP Hijacking and what are its security implications? Check it out...

November 15, 2021

Ransomware Whack-a-Mole

Cybereason CEO Lior Div shares his thoughts on how to deal with ransomware Whack-a-Mole after a busy week of both good and bad ransomware headlines...

November 12, 2021 / 2 minute read

Cybereason and Nuspire Partner to Empower Organizations to Stop Cyber Attacks

Combining the Cybereason operations-centric EDR with Nuspire’s top-notch security operations team enables defenders to combat sophisticated and persistent threats to our mutual customers’ organizations...

November 12, 2021 / 2 minute read

CISO Stories Podcast: Do You Know Where Your Data Is?

William Miaoulis, CISO at Auburn University, joins the podcast to discuss some of the typical situations that lead to the exposure of sensitive information and how to prevent them - check it out...

November 11, 2021

Why XDR is a ‘Must Have’ for Organizations of Every Size

XDR collects all pertinent telemetry, uses AI to analyze it and add actionable context, then allows for true automation of responses across endpoints, on-prem and cloud workloads, user identities and more...

November 10, 2021 / 3 minute read

Cybereason Earns Gold OPSWAT Access Control Certification

Cybereason has earned the coveted Gold-level OPSWAT Certified Security Applications verification for the Cybereason Sensors ActiveProbe 21.X for Windows, Mac and Linux endpoints...

November 10, 2021 / 2 minute read

THREAT ANALYSIS REPORT: From Shathak Emails to the Conti Ransomware

The ITG23 group is partnering with the TA551 (Shathak) threat group to distribute ITG23’s TrickBot and BazarBackdoor malware, which attackers use to deploy Conti ransomware on compromised systems...

November 9, 2021 / 9 minute read

The Ransom Disclosure Act and Defending Against Complex RansomOps™

The ability to recognize RansomOps early in the attack progression is the key to preventing a successful ransomware attack and relegating the adversary activity to a much less disruptive intrusion or data exfiltration attempt...

November 9, 2021 / 3 minute read

When Your EDR Vendor Attacks!

SentinelOne's use of PowerShell in their product is similar to how malicious actors abuse it, causing False Positives for customers and an uproar on Twitter...

November 8, 2021 / 2 minute read

Zero Trust Race is On: Do You Have the Right Engine?

The automated correlation capabilities within Cybereason Advanced XDR ensure that identities, authentication and authorization to cloud accounts, endpoints and devices take a Zero Trust validation model approach...

November 8, 2021 / 4 minute read

The CISA Directive Is Crucial for Cybersecurity

Cybereason CEO Lior Div weighs in on the latest directive from CISA for federal agencies and the importance of viewing cybersecurity as a continuously evolving process...

November 8, 2021 / 2 minute read

Malicious Life Podcast: Inside Operation Flyhook Part 1

Alexey Ivanov thought he had a brilliant idea: hack American corporations and then blackmail them to force them to contract his services as a security consultant - so what could go wrong? Check it out...

November 8, 2021

Cybereason Recognized in The Herd 100 Top Emerging Privately Held U.S. Technology Companies

Cybereason has been honored by recognition in The Herd 100, a ranking of the Top 100 private technology companies, for enabling defenders to outthink and outpace sophisticated cyber threats...

November 4, 2021 / 2 minute read

CISO Stories Podcast: The Nexus of Security, Privacy and Trust

Allison Miller, CISO at Reddit, discusses the nexus of Security, Privacy and Trust - should they be equally weighted? In what circumstances does the need for one outweigh the need for the others? Check it out...

November 4, 2021

Webinar November 18th: Anatomy of a Ransomware Attack

Join Cybereason CEO and co-founder Lior Div and CSO Sam Curry November 18th as they break down the anatomy of a ransomware attack and explain how defenders can take steps to protect their organization by orchestrating the most effective ransomware defense...

November 3, 2021

Actionable XDR Telemetry vs. Uncorrelated SIEM Alerts

If a provider is trying to tout the elimination of valuable telemetry through “smart filtering” as a solution feature, this is a big red flag that should tell you they cannot deliver effective XDR - or even EDR for that matter...

November 3, 2021 / 3 minute read

Cybereason and Tech Data Partner to End Cyberattacks in Asia Pacific Region

Cybereason and Tech Data will protect joint customers through expert MDR services that leverage the Cybereason Defense Platform, a multi-layered solution that combines the power of EPP prevention with industry-leading EDR capabilities...

November 3, 2021 / 1 minute read

What Are the Most Common Attack Vectors for Ransomware?

Exploiting Microsoft Remote Desktop Protocol (RDP) accounted for more than half of all ransomware infections, followed by email phishing and the exploitation of software vulnerabilities...

November 2, 2021 / 3 minute read

NOBELIUM Demonstrates Why Microsoft Is the Weakest Link

Troubling takeaways: Microsoft essentially took a product security advisory and framed it as threat research, and less than a year after the SolarWinds attacks, Microsoft allowed the same threat actors to slip through again...

November 1, 2021 / 2 minute read

Conti Ransomware Gang Strikes ‘Jeweler to the Stars’

Cybereason has been tracking the Conti ransomware gang since 2020 and they have conducted hundreds of attacks against hospitals, law enforcement agencies and critical infrastructure operators...

November 1, 2021 / 3 minute read

Video: Google Cloud and Cybereason Shift the XDR Paradigm to 'Detect and Anticipate'

The Google Cloud and Cybereason partnership shifts the XDR paradigm to “detect, understand, anticipate” by introducing a prognostic element that anticipates attacker behaviors to deliver faster conviction of potentially malicious activity...

November 1, 2021 / 1 minute read

Ransomware Head to Head: Why Does Cybereason Anti-Ransomware Win Over SentinelOne?

Every organization needs to defend effectively against the growing threat of ransomware, so it's important to have the right tools. Cybereason is undefeated against ransomware and beats SentinelOne...

November 1, 2021 / 3 minute read

Malicious Life Podcast: In Defense of the NSA

The NSA is one of the world's most formidable intelligence operations. We spoke at length with Ira Winkler, CISO, Skyline Technology Solutions, who started his career at the NSA - check it out...

November 1, 2021

Webinar November 11th: Live Attack Simulation - Ransomware Threat Hunter Series

Join this session on November 11th to learn how mature security teams can deal with a modern ransomware operation and avoid a system-wide takeover by threat actors - delivered through a step-by-step walkthrough of an attack...

October 29, 2021 / 1 minute read

THREAT ANALYSIS REPORT: Snake Infostealer Malware

This report provides an overview of key features of the Snake malware and similarities discovered in the staging mechanisms with two other information-stealing malware variants, FormBook and Agent Tesla...

October 28, 2021 / 16 minute read

CISO Stories Podcast: Five Mistakes Impacting Security and Privacy Policy Creation

Charles Cresson Wood joins the podcast to discuss the five key mistakes teams make in creating and delivering impactful policies for any organization - check it out...

October 28, 2021

Webinar: Live Attack Simulation - EMEA Ransomware Threat Hunter Series

Join this EMEA session to learn how mature security teams can deal with a modern ransomware operation and avoid a system-wide takeover by threat actors - delivered through a step-by-step walkthrough of an attack...

October 28, 2021 / 1 minute read

THREAT ALERT: Malicious Code Implant in the UAParser.js Library

A threat actor has implanted malicious code in UAParser.js, a JavaScript library that parses User-Agent data where the implanted code deploys cryptocurrency-mining and information-stealing malware on compromised systems...

October 27, 2021 / 3 minute read

What is Advanced XDR? Understanding Extended Detection and Response

Cybereason Advanced XDR collects and analyzes 100% of event telemetry in real-time, processing more than 23 trillion security-related events per week with absolutely no “dumb filtering” that can leave your organization at risk...

October 27, 2021 / 3 minute read

Microsoft Publishes Veiled Mea Culpa Disguised as Research

Microsoft released a report on malicious activity they are attributing to a Russian threat actor that seems to suggest that Microsoft platforms and products were compromised...

October 26, 2021 / 3 minute read

EDR Buyer’s Guide: Microsoft E5 Licenses and Security Risks

Microsoft introduces vulnerabilities at an astounding pace, but still wants organizations to bundle IT and Security spend with an expensive E5 license - learn why "good enough" security is just not good enough for today's advanced threats...

October 26, 2021 / 1 minute read

An Operation-Centric Approach to RansomOps™ Prevention

Understanding RansomOps and strategies to detect and disrupt them early in the kill chain can turn a potentially devastating ransomware attack into a less disruptive intrusion and/or data exfiltration attempt...

October 26, 2021 / 4 minute read

Webinar: Live Attack Simulation - Ransomware Threat Hunter Series

Join this session to learn how mature security teams can deal with a modern ransomware operation and avoid a system-wide takeover by threat actors - delivered through a step-by-step walkthrough of an attack...

October 25, 2021 / 1 minute read

Malicious Life Podcast: Marcus Hutchins - A Controversial Hero

Marcus Hutchins became a hero for stopping the WannaCry attacks despite his troubled past as the teenage hacker who created the dangerous rootkit KRONOS - should a criminal-turned-hero be punished for past crimes? Check it out...

October 25, 2021 /

Microsoft OneDrive Used for Ransom Operations

Microsoft needs to focus on creating products that are more secure and stop coercing customers into accepting inferior security solutions through its E5 "bundled" licensing model - it is not even close to good enough security...

October 22, 2021 / 2 minute read

CISO Stories Podcast: NotPetya - 45 Minutes and 10,000 Servers Encrypted

Todd Inskeep walks us through the lessons learned after managing a NotPetya ransomware attack. Don’t miss this podcast for valuable insights from a real-life scenario - check it out...

October 21, 2021 /

Three Secrets to Ending Ransomware

Ending ransomware is about minimizing the window of time between the moment when a ransomware attack infiltrates your environment and the moment when you’re able to detect it and respond to it...

October 20, 2021 / 3 minute read

Why All Telemetry is Essential for XDR Performance

Some vendors resort to "data filtering" where they eliminate vital telemetry before analysis, which produces an incomplete snapshot of an organization’s security posture and will not answer the question “are we under attack?”

October 20, 2021 / 3 minute read

What is the Dark Web Ransomware Marketplace?

Members of dark markets commonly promote Ransomware-as-a-Service (RaaS) operations where malicious actors post ads for different ransomware kits for rent and varying levels of support for RansomOps...

October 19, 2021 / 3 minute read

Cybereason CEO Lior Div Takes Featured Speaker Spot at CNBC Disruptor 50 Summit

Cybereason CEO and Co-founder Lior Div will be a featured speaker at CNBC’s 2021 Disruptor 50 Summit on October 21, discussing the accelerated adoption of AI and its application in stopping ransomware attacks...

October 19, 2021 / 1 minute read

Malicious Life Podcast: Operation GhostShell - An Iranian Espionage Campaign

Newly identified Iranian threat actor MalKamak has been leveraging a new and sophisticated RAT (remote access trojan) dubbed ShellClient that abuses Dropbox for C2 (command and control)...

October 18, 2021 /

Ransomware: The Global Cybersecurity Pandemic

Cybereason CEO Lior Div shares his thoughts on the Biden Administration's 30-nation ransomware summit in an attempt to coordinate a global effort to fight ransomware...

October 15, 2021 / 2 minute read

Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

No matter how you justify the “savings” in bundling IT and Security spend together with a (still very expensive) E5 license, the fact is you’d essentially be paying Microsoft twice to protect you from… Microsoft...

October 14, 2021 / 5 minute read

CISO Stories Podcast: Security Awareness that Actually Works

Steven Lentz joins the podcast to explain how he successfully engaged the workforce through creative and visible security awareness methods - check it out...

October 14, 2021 /

Cybereason Recognized in Debut XDR New Wave™ Report

Cybereason recognized in the debut Forrester XDR New Wave™ Report, continuing the tremendous momentum following the acquisition of security analytics company empow and a strategic partnership with Google Cloud to deliver a planetary-scale XDR solution...

October 13, 2021 / 2 minute read

What is the Importance of XDR in Cloud Security?

The Cybereason XDR Platform draws upon IOCs as well as Indicators of Behavior (IOBs), which provide insight into the more subtle signs of compromise to protect on-prem and cloud, identities, and applications from exploitation...

October 13, 2021 / 3 minute read

Cybereason and Aon Collaborate to Prevent Cyber Attacks

Cybereason is partnering with Aon, a leading global professional services firm, in an alliance to help protect clients from sophisticated cyber attacks...

October 13, 2021 / 1 minute read

Cybereason and Google Cloud Join Forces to Drive XDR Innovation

Cybereason and Google Cloud have entered into a strategic partnership to deliver unrivaled Extended Detection and Response (XDR) speed and accuracy to secure endpoints, networks, containers, application suites, user personas and cloud infrastructure...

October 12, 2021 / 2 minute read

What is Ransomware-as-a-Service and How Does it Work?

RansomOps attacks begin with a developer making malicious code available on the black market - the custom code delivers the ransomware payload and the RaaS providers help negotiate payment, and they split the fee with the affiliate...

October 12, 2021 / 3 minute read

Malicious Life Podcast: Smart TVs - a New Security Battlefield

Smart TVs - equipped with microphones, cameras, and an internet connection - are the weakest link in smart home security. So, is a person's smart home still their castle? Check it out...

October 11, 2021 /

Protecting the US Government from Cyber Attacks

We launched a new subsidiary, Cybereason Government, Inc., to empower US government agencies with the Cybereason XDR Platform.

October 8, 2021 / 2 minute read

CISO Stories Podcast: Extending Detection and Response to the Cloud

CISO Kathy Wang discusses challenges in extending detection and response capabilities to cloud deployments while ensuring threats are correlated across endpoints, mobile, application suites and user identities - check it out...

October 7, 2021 /

Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms

The highly-targeted attacks against aerospace and telecoms firms by new Iranian threat actor MalKamak include newly discovered malware that evaded security tools since 2018 and abuses Dropbox services for command and control...

October 6, 2021 / 16 minute read

Webinar: The Future of Endpoint Security

Join Cybereason CSO Sam Curry and IBM Security Executive Advisor Limor Kessem as they discuss the future of endpoint security based on the results from ESG's Endpoint Security Trends report...

October 5, 2021 / 1 minute read

New Cybereason Government Subsidiary Empowers U.S. Agencies to Detect Malicious Operations Faster

Cybereason is excited to announce the creation of a U.S. Government subsidiary, Cybereason Government Inc., dedicated to prevention, detection and response of malicious operations targeting U.S. Government agencies...

October 5, 2021 / 2 minute read

How Do Initial Access Brokers Enable Ransomware Attacks?

Microsoft Remote Desktop Protocol (RDP) vulnerabilities accounted for over half of all ransomware attacks, where Initial Access Brokers scan for exposed RDP ports and then sell network access to ransomware groups...

October 5, 2021 / 4 minute read

Running Robust Managed Detection and Response Services

Looking into how the SOC fits into the business in addition to identifying the specific use-cases will help a team define and create an effective operation and service delivery...

October 4, 2021 / 6 minute read

Malicious Life Podcast: Inside the MITRE ATT&CK Framework

Cybereason CISO Israel Barak delves into the MITRE ATT&CK framework and explains how it can help organizations get better at detecting stealthy advanced attacks - check it out...

October 4, 2021 /

If You Prevent Ransomware You Don’t Need to Recover from It

Not all ransomware protection is created equally. Cybereason CEO Lior Div shares why the goal is to prevent ransomware from succeeding, not just getting better at recovering from it after the fact...

October 1, 2021 / 2 minute read

CISO Stories Podcast: Security from Scratch - Incident Response on a Budget

Every organization must be able to respond to an attack quickly - Sam Monasteri joins the podcast to discuss key steps to implement in an incident response plan without breaking the bank...

September 30, 2021 /

Govware Conference: Cybereason CEO Lior Div to Deliver Keynote

Keynote address will focus on research into three Chinese threat groups that targeted telecoms companies as detailed in the report DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos...

September 30, 2021 / 1 minute read

How Does XDR Solve the IT Infrastructure Visibility Gap?

Detection and Response was once limited to traditional endpoints, but XDR means it can now be applied across applications, cloud workloads, user personas and more to correlate events across these disparate elements...

September 29, 2021 / 3 minute read

Ransomware Prevention vs. Recovery: Which Costs Businesses More?

Research demonstrates that it is significantly less costly to prevent a ransomware attack than to suffer a ransomware infection and pay the costs to recover fully - so what's the hesitation?

September 28, 2021 / 3 minute read

Threat Analysis Report: Inside the Destructive PYSA Ransomware

The PYSA ransomware gang uses tools like Koadic, PsExec and Mimikatz for credential theft and lateral movement before executing PowerShell scripts that stop or remove system security mechanisms like Windows Defender...

September 27, 2021 / 10 minute read

Malicious Life Podcast: Should the U.S. Ban Chinese and Russian Technology?

Every year there’s a new story of some software like 'Tik Tok' or 'FaceApp' from a hostile country that may be a security threat to us in the West - so what should be done in cases like this? Ira Winkler joins the discussion - check it out...

September 27, 2021 /

Video: The CIO’s Role in Establishing a Cyber Resilience Strategy

Cybereason CTO and co-founder Yonatan Striem-Amit discusses the latest cyber trends that are impacting organizations, what happens when a company is confronted by an attack, and how these attacks can be effectively prevented...

September 27, 2021 / 1 minute read

1,460-Day Old Known Vulnerability Catches Microsoft Off Guard

Despite all the vulnerabilities they regularly introduce into the market, Microsoft professes to be a security provider - clearly Microsoft has enough on its plate just trying to keep their own products secure...

September 24, 2021 / 3 minute read

CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community

CISO Kevin Novak explains how to bring business units together to form your own DEFCON-type event in-house or in partnership with other organizations - check it out...

September 23, 2021 /

Threat Analysis Report: PrintNightmare and Magniber Ransomware

The Cybereason GSOC Team details infections with a recent version of the Magniber ransomware in which the initial attack vector is the exploitation of the notorious PrintNightmare vulnerability...

September 22, 2021 / 15 minute read

How XDR is Changing Security for the Better

XDR allows organizations to move to an operation-centric approach by freeing SOC analysts from an alert-centric posture that cannot scale to keep up with the rapidly evolving threat landscape...

September 22, 2021 / 3 minute read

Cybereason Partners with Sysware to Secure Indonesian Companies

Cybereason is partnering with Sysware, a leading software distributor in Indonesia, to protect companies from sophisticated cyber attacks on endpoints and across their networks...

September 22, 2021 / 1 minute read

How the Ransomware Gangs Stay One Step Ahead

Maze and LockBit collaboration highlights how ransomware gangs share infrastructure, expertise and stolen data, which helps attackers evolve by learning from one another...

September 21, 2021 / 3 minute read

Malicious Life Podcast: Jack Rhysider and the Darknet Diaries

Jack Rhysider discusses the origins of Darknet Diaries and the effect the show’s success has had on his personal life - which you might be surprised to discover wasn’t always 100% positive - check it out...

September 20, 2021 /

Webinar: Inside the REvil Ransomware - Pick Your Path

Is your organization prepared to handle a major ransomware attack? Join us for a tabletop exercise where we will walk you through a REvil ransomware attack as if it were on your infrastructure...

September 20, 2021 /

Grief Gang’s New Quadruple Extortion Scheme Doesn’t Change the Game

A new twist from the Grief Gang ransomware group raises the ransomware stakes to quadruple extortion, but it doesn't matter - the only effective defense against ransomware is to stop it before it gets to the extortion phase...

September 17, 2021 / 2 minute read

CISO Stories Podcast: Communications Before, During and After a Breach

Melanie Ensign joins the podcast to explain how security teams benefit from relationships with the communications and public relations specialists before, during and after a breach event - check it out...

September 16, 2021 /

Four Considerations for Evaluating XDR Platforms

There’s a growing need for the more holistic approach to threat detection and response that XDR can deliver. Why? Just look at what’s going on in the digital threat landscape...

September 15, 2021 / 3 minute read

Three Pillars of Infosec: Confidentiality, Integrity and Availability

When in doubt, return to the basics and make sure you are excelling in those areas before following industry trends that may or may not improve your security posture...

September 15, 2021 / 5 minute read

Update Your Apple Devices to Guard Against Pegasus Spyware Attacks

Apple released updates to address no-click zero-day exploits being used to push spyware onto devices of unsuspecting users. Now that the flaws are public, there is greater urgency to apply the updates before other threat actors try to take advantage of them...

September 14, 2021 / 2 minute read

What is Driving the Surge of Ransomware Attacks?

More digital infrastructure means organizations have more assets that attackers can use as attack vectors to establish a foothold on the network before moving laterally and deploying their ransomware payloads...

September 14, 2021 / 3 minute read

Azurescape Vulnerability: More Evidence that Microsoft Should Leave Security to the Experts

Microsoft is selling broken software and also offering to sell you the security tools to mitigate the risk they introduce. Microsoft should focus on securing its own products and leave cybersecurity to the experts...

September 13, 2021 / 2 minute read

Malicious Life Podcast: The Tesla Hack

A mysterious stranger approached an employee of Tesla's Gigafactory and offered him 1 million dollars to insert a malware-laden USB flash drive into a company computer - check it out...

September 13, 2021 /

Gartner Report: 2021 Competitive Landscape for Endpoint Protection Platforms

Cybereason delivers superior endpoint protection against sophisticated attacks through multi-layered prevention, AI-powered behavioral detection and comprehensive response...

September 13, 2021 / 1 minute read

Microsoft Zero-Day-of-the-Month Club

Microsoft alerted customers to yet another zero-day flaw being exploited in the wild. There will continue to be zero-day vulnerabilities, but organizations need to defend against attacks anyway...

September 10, 2021 / 3 minute read

THREAT ALERT: Microsoft MSHTML Remote Code Execution Vulnerability

The Cybereason GSOC Managed Detection and Response (MDR) team is investigating CVE-2021-40444, a critical vulnerability in the Microsoft Hypertext Markup Language (MSHTML) web content rendering engine that Microsoft Office applications use...

September 10, 2021 / 3 minute read

UN Breach Highlights Escalation of Cyber Threats

It is no surprise that the UN would be a cyber attack target, and there is no shame in being attacked. The fact that the attack involved a compromised username and password is the real problem...

September 9, 2021 / 2 minute read

CISO Stories Podcast: The Unpatchable Vulnerability that is Human Nature

Rachel Tobac delves into social engineering where she leverages her background in neuroscience and behavioral psychology to exploit the unpatchable vulnerability that is human nature - check it out...

September 9, 2021 /

Ransomware Attackers Don’t Take Holidays

Cybereason CSO Sam Curry provides insight on the trend of holiday ransomware attacks and the attack against Howard University over Labor Day weekend...

September 8, 2021 / 2 minute read

Cybereason’s Lodrina Cherne Joins Panel on Building a More Inclusive Future in Cybersecurity

"Rather than focusing on how far cybersecurity has to go to represent more views and voices, I hope attendees come away with actions they can take today to support diversity across schools and workplaces..."

September 8, 2021 / 1 minute read

Cybereason and Smarttech247 Partner to Deliver Managed Detection and Response

Cybereason is joining forces with Smarttech247 to defend joint customers through managed detection and response services that block cyber attacks on endpoints anywhere on their networks...

September 8, 2021 / 1 minute read

Busted: Taking Down Ransomware Attackers

The attention surrounding ransomware might be unprecedented this year, and law enforcement has brought ransomware actors to justice in the past. Let’s look at a few examples...

September 8, 2021 / 3 minute read

Malicious Life Podcast: Understanding China’s Cyber Culture

Lt. Colonel (Ret.) Bill Hagestad examines how China's culture and troubled history of western colonialism influenced its government views regarding the internet and its interactions with western tech companies...

September 7, 2021 /

Microsoft Vulnerability Exposes Thousands to Risk…Again

Microsoft leverages its dominance in the enterprise market to try and push its security tools, but repeated security failures and massive breaches demonstrate that organizations shouldn't trust their security to Microsoft. It takes an operation-centric approach and a company dedicated to one thing--protecting customers against attacks.

September 2, 2021 / 2 minute read

Cybersecurity is National Security

President Biden invited tech CEOs to the White House to improve cybersecurity across the nation - the summit resulted in some bold initiatives that are a step in the right direction, but there is still more to be done...

September 2, 2021 / 2 minute read

CISO Stories Podcast: Did You Ask For (and Get) Too Much Security Budget?

What happens when you get the funding you asked for? CSO James Christiansen joins the podcast to discuss security budgeting lessons learned you won’t want to miss - check it out...

September 2, 2021 /

The Value Drivers for an XDR Investment

Consider the value of stopping a ransomware attack at initial ingress or at lateral movement on the network versus a costly and disruptive incident response scramble and “roll-back” of encryption on every affected system...

September 1, 2021 / 3 minute read

ESG Research Report: 2021 Trends in Endpoint Security

Though there is no explicit definition of an endpoint protection platform (EPP), there are qualifications for what a good solution looks like - download the complimentary ESG report to learn more...

August 31, 2021 / 1 minute read

Evolving Ransomware Tactics Include Recruiting Insiders and DDoS Attacks

Ransomware gangs are targeting insiders to give them network access as well as threatening targets with DDoS attacks if they refuse to pay a ransom demand in double extortion schemes...

August 31, 2021 / 3 minute read

THREAT ALERT: Microsoft Exchange ProxyShell Exploits and LockFile Ransomware

The exploitation of the ProxyShell vulnerabilities enables attackers to execute arbitrary commands on compromised systems, which may lead to full system compromise and/or the deployment of malware...

August 30, 2021 / 3 minute read

Malicious Life Podcast: The Life and Times of John McAfee

What do you get when you take a gun-toting cybersecurity pioneer and add a serious amount of money to the mix? You get John McAfee's unbelievable life and times - check it out...

August 30, 2021 /

Afghanistan, the Taliban and National Security

It's been a chaotic week with the situation in Afghanistan and the alleged cyber attack at the US State Department. Cybereason CEO Lior Div shares his thoughts on the implications for national security and what it means for cybersecurity in general...

August 26, 2021 / 2 minute read

CISO Stories Podcast: Practical Considerations for Managing Your MSSP

Jonathan Nguyen-Duy, VP Field CISO Team, joins this podcast to discuss strategies for working with MSSPs to ensure that your organization is obtaining the most value - check it out...

August 26, 2021 /

How XDR Delivers on SOAR’s Unfulfilled Promises

After being around for years, has SOAR really delivered on any of the lofty promises? Ask any user, and their answer will most likely be “kind of” because analysts still need to manually intervene and sift through all the “well organized noise...”

August 25, 2021 / 3 minute read

Implications of the Alleged State Department Breach

Cybereason CSO Sam Curry shares his thoughts on the alleged cyber attack against the US State Department and the potential implications for cybersecurity for both government agencies and private sector organizations...

August 24, 2021 / 2 minute read

Cybereason vs. LockBit2.0 Ransomware

Following the rise of the new LockBit2.0 and the attack against the global IT company Accenture, this report provides detailed information about the attack process and how the Cybereason Defense Platform detects and prevents this threat at several stages...

August 24, 2021 / 6 minute read

Webinar: Extended Detection and Response (XDR) - Past, Present and Future

What is XDR, how is it different, and can it actually stop today’s malicious operations? In this special webinar session, learn about the evolution of XDR today and where it's heading in the future...

August 23, 2021 /

Malicious Life Podcast: Ten Years On - Are We Doing Security Right?

So how far have security solutions and capabilities come in a decade? Art Coviello, former CEO of RSA Security, is joined by Malcolm Harkins, former CSO at Intel, to discuss the cybersecurity landscape 10 years after the RSA Breach - check it out...

August 23, 2021 /

T-Mobile and BlackBerry: More Lessons Learned the Hard Way

T-Mobile and BlackBerry made the news this week, but there are cybersecurity headlines every week. The lesson we need to learn from these events is that organizations need to be able to detect and stop malicious operations regardless of the latest vulnerability or data breach...

August 19, 2021 / 2 minute read

CISO Stories Podcast: Achieving Security Buy-In - Change Approach Not Culture

David Nolan, Vice President of Information Security at Aaron’s, joins the podcast to discuss how to achieve consensus on security in the organization - check it out...

August 19, 2021 /

BlackBerry QNX Vulnerability Highlights Lurking Issues with IOT Security

If your customers don’t demand security, and you aren’t rewarded for investing in it, there’s little market incentive to fix it by making the necessary investments. In fact, there’s generally a complete market failure when it comes to security, and IOT is no exception...

August 18, 2021 / 3 minute read

Three Reasons Why You Should Never Pay Ransomware Attackers

After falling prey to a ransomware attack, most organizations are faced with the decision of whether they’re going to pay the ransom demand. We’ll save you some time: it’s not worth it, and here are three of the many reasons why it does not pay to pay...

August 18, 2021 / 3 minute read

Gartner Report: How to Prepare for Ransomware Attacks

Security and risk management leaders need to look beyond the endpoints to help protect the organization from ransomware - fine-tuning incident response processes is a key component for successful mitigation of these multi-stage attacks...

August 17, 2021 / 1 minute read

T-Mobile Data Breach Amplifies Larger Cybersecurity Challenge

What is particularly concerning with the breach is the availability of mobile phone IMEI identity numbers tied to each specific customer’s phone - the more info cybercriminals have about you, the more targeted and effective they can make their attack...

August 17, 2021 / 2 minute read

XDR: The Key to Solving SIEM Shortcomings

SIEMs were intended to solve an array of issues by using automation to better enable analysts to detect and respond to security issues more quickly. But have SIEM solutions really delivered on their promises?

August 17, 2021 / 3 minute read

Malicious Life Podcast: DeadRinger - Exposing Chinese APTs Targeting Major Telcos

Cybereason identified several attack campaigns targeting the telecoms industry across Southeast Asia that are assessed to be the work of multiple Chinese APT groups - Nocturnus Team lead Assaf Dahan discusses the implications...

August 16, 2021 /

LockBit Ransomware Wants to Hire Your Employees

Cybereason CEO Lior Div talks about the latest ransomware attacks from LockBit and the insidious new twist LockBit has introduced--openly soliciting employees to help launch ransomware attacks from the inside...

August 12, 2021 / 2 minute read

Accenture Responds Following LockBit Ransomware Attack

The way to stop complex RansomOps attacks is ultimately financial: make the cost too high, the revenue too small, and the initiative too risky. Those are the levers we must use, and the revenue part is a big one...

August 12, 2021 / 4 minute read

The Rising Threat from LockBit Ransomware

The LockBit ransomware gang has been making headlines recently with a push to recruit inside help for its ransomware-as-a-service platform and a compromise of global consulting giant Accenture...

August 11, 2021 / 3 minute read

CISO Stories Podcast: Hacking Your Way Into Cybersecurity

Kerissa Varma discusses the security skills shortage and her initiative to recruit people from fields who have skill sets applicable to security, but they might not even know it - check it out...

August 11, 2021 /

Webinar: REvil Ransomware - Pick Your Path

How would you and your organization handle a major ransomware attack? Join us for a tabletop exercise where we will walk your organization through a REvil ransomware attack as if it were on your infrastructure...

August 10, 2021 / 1 minute read