APT28

Fortinet Threat Research Finds Cybercriminals Are Exploiting New Industry Vulnerabilities 43% Faster than 1H 2023

Retrieved on: Monday, May 6, 2024

Based on this analysis, the second half of 2023 saw attackers increase the speed with which they capitalized on newly publicized vulnerabilities (43% faster than 1H 2023).

Key Points: 
  • Some N-Day vulnerabilities remain unpatched for 15+ years: It’s not just newly identified vulnerabilities that CISOs and security teams must worry about.
  • To illustrate this point, the last three Global Threat Landscape Reports have looked at the total number of vulnerabilities targeting endpoints.
  • Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.

Trend Micro Discovers Actively Exploited Vulnerability Affecting Millions of Users: Customers Already Protected

Retrieved on: Tuesday, February 13, 2024

DALLAS, Feb. 13, 2024 /PRNewswire/ -- Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, announced its discovery of a vulnerability in Microsoft Windows Defender that is actively being exploited by cyberthreat group Water Hydra.

Key Points: 
  • Trend discovered the vulnerability on December 31, 2023 and Trend customers have been automatically protected since January 1, 2024.
  • Trend protects its customers by issuing virtual patches an average of 51 days before patches are released, including this zero-day for Microsoft.
  • Trend estimates that customers who applied all virtual patches in 2023 saved an average of $1M for their enterprise.
  • Mark Houpt, CISO, Databank: "We have experienced first-hand the advantages of being under the protective umbrella of Trend Micro.

CardinalOps to Present at Splunk .conf23 User Conference on New Approach to Measuring Detection Posture Using MITRE ATT&CK

Retrieved on: Tuesday, July 11, 2023

TEL-AVIV, Israel and BOSTON, July 11, 2023 /PRNewswire/ -- CardinalOps, the detection posture management company, is delivering an educational session about Splunk and MITRE ATT&CK at the Splunk .conf23 User Conference on Tuesday, July 18th at 1:30pm PDT in the Conference Theater.

Key Points: 
  • The concept is simple: preventing breaches starts with having the right detections in Splunk.
  • In this session, Phil Neray, VP of Cyber Defense Strategy at CardinalOps, will discuss:
    Why more detections don't always equate to better security.
  • CardinalOps will be demonstrating how its detection posture management platform integrates with Splunk in Booth #T301.

CardinalOps Named Winner of Global InfoSec Awards During RSA Conference 2023

Retrieved on: Monday, April 24, 2023

TEL-AVIV, Israel and BOSTON, April 24, 2023 /PRNewswire/ -- CardinalOps, the detection posture management company, today announced that Cyber Defense Magazine (CDM) has selected the company as the winner of the "Next Generation Continuous Detection Posture Management" category in the 11th Annual Global InfoSec Awards.

Key Points: 
  • CardinalOps joins Global InfoSec award winners in other categories including Microsoft, Palo Alto Networks, Sumo Logic, Tanium, and more.
  • "Security operations teams are challenged by constant change in the threat landscape and a constantly-expanding attack surface," said Michael Mumcuoglu, CEO and co-founder at CardinalOps.
  • CardinalOps will be exhibiting at the RSA Conference 2023 in San Francisco, April 24-27 (North Hall, booth #5228).

Mandiant Unveils M-Trends 2023 Report, Delivering Critical Threat Intelligence Directly from the Frontlines

Retrieved on: Tuesday, April 18, 2023

RESTON, Va., April 18, 2023 /PRNewswire/ -- Mandiant Inc., now part of Google Cloud, today released the findings of its M-Trends 2023 report. Now in its 14th year, this annual report provides timely data and expert analysis on the ever-evolving threat landscape based on Mandiant frontline investigations and remediations of high-impact cyber attacks worldwide. The new report reveals the progress organizations globally have made in strengthening defenses against increasingly sophisticated adversaries.

Key Points: 
  • Ongoing validation of cyber resilience against these latest threats and testing of overall response capabilities are equally critical."
  • Mandiant experts noted a decrease in the percentage of their global investigations involving ransomware between 2021 and 2022.
  • To meet this objective, Mandiant provides insight into some of the most prolific threat actors and their expanding tactics, techniques and procedures.
  • The metrics reported in M-Trends 2023 are based on Mandiant Consulting Investigations of targeted attack activity between January 1, 2022 and December 31, 2022.

CardinalOps Launches MITRE ATT&CK Security Layers for Measuring Detection Posture Linked to Desired Business Outcomes

Retrieved on: Friday, July 21, 2023

TEL-AVIV, Israel and BOSTON, April 4, 2023 /PRNewswire/ -- CardinalOps, the detection posture management company, today announced a new approach for measuring detection posture and identifying gaps using the MITRE ATT&CK framework.

Key Points: 
  • Developed by CardinalOps, MITRE ATT&CK Security Layers dramatically extends the concept of ATT&CK coverage by measuring the "depth" of detection coverage for the first time.
  • Additionally, Security Layers enable organizations to link their coverage to desired business outcomes by immediately identifying blind spots related to crown-jewel assets such as their most sensitive applications and data.
  • Using automation and specialized analytics, the CardinalOps platform helps organizations continuously measure and visualize their detection posture using MITRE ATT&CK Security Layers.
  • "SecOps teams are looking for a more precise and holistic approach to measure their MITRE ATT&CK detection posture and identify gaps based on organizational priorities and desired business outcomes," said Michael Mumcuoglu, CEO and co-founder of CardinalOps.

Trend Micro Uncovers Prolific Cyber Mercenary Group "Void Balaur"

Retrieved on: Wednesday, November 10, 2021

The report details the activity of a group of threat actors self-described as "Rockethack," which Trend Micro has dubbed "Void Balaur," named after an evil multi-headed creature from Eastern European folklore.

Key Points: 
  • Since at least 2018, the group has been advertising only on Russian-language forums and has accrued unanimously positive reviews.
  • Trend Micro has associated thousands of indicators with Void Balaur, which are also available to organizations as part of the comprehensive threat intelligence.
  • With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world.