Security News
Yesterday, after being banned from the Conti ransomware operation, a Conti affiliate leaked the training material for the ransomware operation on the XSS hacking forum, giving security researchers and defenders an inside look at the tools being used by the group. A new ransomware gang named BlackMatter is purchasing access to corporate networks while claiming to include the best features from the notorious and now-defunct REvil and DarkSide operations.
Yesterday, after being banned from the Conti ransomware operation, a Conti affiliate leaked the training material for the ransomware operation on the XSS hacking forum, giving security researchers and defenders an inside look at the tools being used by the group. A new ransomware gang named BlackMatter is purchasing access to corporate networks while claiming to include the best features from the notorious and now-defunct REvil and DarkSide operations.
Threat detection startup ReversingLabs has raised $56 million in a Series B funding round. The new funding round was led by private equity firm Crosspoint Capital Partners.
VMware released a report which analyzes how cybercriminals are manipulating reality to reshape the modern threat landscape. "Today, we're seeing a nexus between nation-states and cybercriminals continue to rapidly advance the development of increasingly sophisticated and destructive cyberattacks, combined with the broadening of the attack surface as a result of COVID-19," says Tom Kellermann, head of cybersecurity strategy, VMware.
Part of Elastic Security, Elastic Limitless XDR modernizes security operations by unifying the capabilities of security information and event management, security analytics, and endpoint security. Elastic Limitless XDR is anchored in SIEM and enriched by a single agent for endpoint security to eliminate data silos, reduce alert fatigue, and arm practitioners to stop threats at cloud scale.
NetWitness, an RSA business, unveiled NetWitness Ransomware Defense Cloud Services, a managed cloud service that monitors endpoints without traditional deployment and administration requirements. Ransomware Defense Cloud Services also includes detection intelligence developed from in-depth ransomware research and development, combined with experienced threat hunting in enterprise environments.
Cyware announced a partnership with RiskIQ. The partnership combines advanced global threat intelligence automation with enriched, high-fidelity threat intelligence data to enable customers to...
This combination will enable organizations to shrink their attack surface, prioritize vulnerabilities to remediate, and reduce their exposure to cyber threats and ransomware attacks by taking a proactive, risk-based approach to patch management. "And unpatched vulnerabilities remain one of the common points of infiltration into organizations' ecosystems. I'm committed to the global fight against ransomware. And I truly believe that the combination of risk-based vulnerability prioritization and automated patch intelligence can help organizations reduce their exposure and make a major impact in global cyberspace. Together, RiskSense and Ivanti will help customers drive operational efficiencies and defend against the next wave of sophisticated cyber threats, including ransomware attacks."
This second part to ISACA's annual State of Cybersecurity 2021 survey report examines cyber threat landscape trends, including frequency and type of attacks, confidence in cybersecurity teams and cybersecurity awareness initiatives, nuances related to security operations and reporting structure, and cybermaturity as a business imperative. "With the increase in the number and rate of cyberattacks worldwide, cybersecurity professionals are facing a challenging 2021 threat landscape that requires constant vigilance," says David Samuelson, CEO, ISACA. "These survey findings illustrate just how essential it continues to be for the global cybersecurity community to actively keep up to date with best practices and training, and ensure their teams are well staffed to detect and respond to attacks."
A previously undocumented Chinese-speaking threat actor is targeting Microsoft Exchange vulnerabilities in an attempt to compromise high-profile victims, Kaspersky reveals. According to Kaspersky, the toolset emerged as early as July 2020, with the threat actor targeting various entities in Southeast Asia, including governmental organizations and telecom companies.