Adversary

Red Canary Detects Spike in Cloud Account Compromises and Email Forwarding Rule Abuse

Retrieved on: 
Wednesday, March 13, 2024
Cloud, Microsoft, Organization, PowerShell, HTML, MFA, Software as a service, Shell, Apple, RMM, Distribution, Poisoning, Prevalence, Environment, Risk, ATT, MacOS, Research, Red, MITRE, Container, Insurance, Human, Telemetry, Investment, Adversary, API, Media, AppleScript, Risk management

DENVER, March 13, 2024 /PRNewswire/ -- Red Canary today unveiled its sixth annual Threat Detection Report, examining the trends, threats, and adversary techniques that organizations ought to prioritize in the coming months and years. The report tracks MITRE ATT&CK® techniques that adversaries abuse most frequently throughout the year, and two new and notable entries soared to the top 10 in 2023: Email Forwarding Rule and Cloud Accounts.

Key Points: 
  • The report tracks MITRE ATT&CK® techniques that adversaries abuse most frequently throughout the year, and two new and notable entries soared to the top 10 in 2023: Email Forwarding Rule and Cloud Accounts.
  • Uptick in macOS threats–in 2023 Red Canary detected more stealer activity in macOS environments than ever before, along with instances of reflective code loading and AppleScript abuse .
  • The rise of cloud account compromises from 46 to number 4 is unprecedented in our dataset–and it's a similar story with email forwarding rules," said Keith McCammon, Chief Security Officer, Red Canary.
  • Education: Email forwarding and hiding rules were more common, likely due to a heavy reliance on email.

2024 CrowdStrike Global Threat Report: From Breakout to Breach in Under Three Minutes; Cloud Infrastructure Under Attack

Retrieved on: 
Wednesday, February 21, 2024
Online Privacy, Data Management, Security, Technology, Software, Artificial Intelligence, Cloud, Universe, Hunting, Identity, AI, Intelligence, Generative, Organization, Adversary, Democracy, Risk management

CrowdStrike (Nasdaq: CRWD) today announced the findings of the 2024 CrowdStrike Global Threat Report , highlighting a surge in adversaries leveraging stolen identity credentials to exploit gaps in cloud environments and maximize the stealth, speed and impact of cyberattacks.

Key Points: 
  • CrowdStrike (Nasdaq: CRWD) today announced the findings of the 2024 CrowdStrike Global Threat Report , highlighting a surge in adversaries leveraging stolen identity credentials to exploit gaps in cloud environments and maximize the stealth, speed and impact of cyberattacks.
  • In the 10th annual edition of the cybersecurity leader’s seminal report, CrowdStrike highlights activity from some of the 230+ prolific threat groups that it tracks today.
  • Key findings in the 2024 report include:
    Dramatic Increase in Attack Velocity: The speed of cyberattacks continues to accelerate at an alarming rate.
  • Listen to the Adversary Universe podcast to glean insights into threat actors and recommendations for bolstering security.

Top 10 Growth Opportunities in Defense for 2024: Insight into Military Modernization and Advanced Technology Integration

Retrieved on: 
Tuesday, January 16, 2024
Adversary, Weapon, Intelligence, Acquisition, Research, AI, Government, Arms industry

DUBLIN, Jan. 16, 2024 /PRNewswire/ -- The "Top 10 Growth Opportunities in Defense, 2024" report has been added to ResearchAndMarkets.com's offering.

Key Points: 
  • DUBLIN, Jan. 16, 2024 /PRNewswire/ -- The "Top 10 Growth Opportunities in Defense, 2024" report has been added to ResearchAndMarkets.com's offering.
  • Countering new threats, such as hypersonic missiles and unmanned loitering munitions, requires new operational thinking and technology advancements from the defense industry.
  • This study highlights 10 growth opportunities for the defense industry that will advance military capabilities.
  • Globally, defense firms are pressured by commercial companies that offer advanced technologies at low prices.

Protect AI Named to 2023 Fortune Cyber 60 List

Retrieved on: 
Thursday, December 14, 2023
Software, Internet, Start-Up, Artificial Intelligence, Data Management, Professional Services, Technology, Security, Policy, Organization, Risk management, Explainable artificial intelligence, PyTorch, Risk, Artificial intelligence, Intelligence, Protection, Machine learning, XGBoost, Adversary, GRC, Bias, AI, TensorFlow, Radar, Medical device, Pickle

Protect AI , the artificial intelligence (AI) and machine learning (ML) security company, today announced it has been named to the inaugural edition of the Fortune Cyber 60 List , which recognizes the top 60 cyber security companies in the world.

Key Points: 
  • Protect AI , the artificial intelligence (AI) and machine learning (ML) security company, today announced it has been named to the inaugural edition of the Fortune Cyber 60 List , which recognizes the top 60 cyber security companies in the world.
  • Protect AI is profiled in the Fortune Cyber 60 report , and was selected for helping organizations see, know and manage security risk in ML systems and AI applications, end-to-end, so they can defend against unique AI security vulnerabilities, data breaches and emerging threats.
  • “Being named to the Fortune Cyber 60 List in our first year of operation, alongside some of the largest security vendors in the industry is a tremendous honor, and speaks to the importance of the problem we are addressing in securing AI,” said Ian Swanson, co-founder and CEO of Protect AI.
  • Protect AI ModelScan is an open source project that scans models to determine if they contain unsafe code.

CardinalOps Contributes to MITRE ATT&CK for Fourth Consecutive Release

Retrieved on: 
Tuesday, November 28, 2023
Knowledge, MITRE, Data, Microsoft Windows, MacOS, MITRE ATT&CK, Observation, Name, Behavior, Organization, Wi-Fi, ATT, Computer security, Cybercrime, Linux, ATT&CK, Software, Security, Common, 57th Adversary Tactics Group, ICS, Discovery, Common knowledge, Adversary, Risk management, Mobile phone, Enterprise

TEL-AVIV, Israel and BOSTON, Nov. 28, 2023 /PRNewswire/ -- CardinalOps, the detection posture management company, announced today that it contributed updates to the latest version of MITRE ATT&CK, a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. CardinalOps' contributions to MITRE ATT&CK v14, which was released on Oct. 31, 2023, marks the fourth consecutive release of MITRE ATT&CK to which the CardinalOps team has contributed.

Key Points: 
  • CardinalOps' contributions to MITRE ATT&CK v14 , which was released on Oct. 31, 2023, marks the fourth consecutive release of MITRE ATT&CK to which the CardinalOps team has contributed.
  • MITRE ATT&CK v14 introduced updates to techniques, groups, campaigns and software for Enterprise, Mobile, and ICS, including a large expansion of detection notes and analytics within techniques in Enterprise.
  • MITRE ATT&CK v14 highlights how these discoveries are made on different systems, including Windows, MacOS, and Linux.
  • "CardinalOps is pleased to have the opportunity to collaborate with MITRE to contribute new techniques for the fourth consecutive release of ATT&CK," said Yair Manor, CTO and co-founder of CardinalOps.

Booz Allen Doubles Down on Adversarial AI Capabilities With New Investment

Retrieved on: 
Tuesday, September 26, 2023
Software, Other Defense, Professional Services, Data Management, Technology, Defense, Artificial Intelligence, Security, Government Technology, Other Technology, Consulting, Military, Federation, Booz, Adversarial machine learning, Microsoft Windows, Synthetic media, Intelligence, Microsoft, Booz Allen Hamilton, Federal, Research, Government, Organization, Investment, Risk, Machine learning, U.S. Department of Defense Strategy for Operating in Cyberspace, Generative, Growth, AI, Responsibility, Adversary, NYSE, Medical device

“Every AI-enabled solution should be assessed for risk and appropriately protected from adversarial attacks – especially as the government looks to deploy AI capabilities in increasingly important applications,” said Matt Keating , leader of Booz Allen’s Adversarial AI portfolio.

Key Points: 
  • “Every AI-enabled solution should be assessed for risk and appropriately protected from adversarial attacks – especially as the government looks to deploy AI capabilities in increasingly important applications,” said Matt Keating , leader of Booz Allen’s Adversarial AI portfolio.
  • The HiddenLayer investment by Booz Allen Ventures better positions us to integrate startup, commercial, and open source innovation to rapidly augment our existing capabilities.
  • The investment also builds on Booz Allen’s focused efforts and missions around Generative AI and Responsible AI , providing a robust security foundation as AI use increases.
  • "Booz Allen continuously proves its commitment to developing AI capabilities that are robust, secure, and offer the technical depth needed by the Federal government.

CrowdStrike 2023 Threat Hunting Report Reveals Identity-Based Attacks and Hands-on-Keyboard Activity on the Rise as Adversaries Look to Bypass Defenses

Retrieved on: 
Tuesday, August 8, 2023
Software, Networks, Internet, Data Management, Technology, Online Privacy, Other Technology, Security, Universe, HAT, Metadata, Noise, CrowdStrike, Black hat, RMM, Intelligence, CISA, Microsoft, Active Directory, Sale, Abuse, Adversary, BLACK, Yoy, API, Environment, Risk management, Cryptocurrency, Linux

BLACK HAT USA -- CrowdStrike (Nasdaq: CRWD), today announced the release of the CrowdStrike 2023 Threat Hunting Report .

Key Points: 
  • BLACK HAT USA -- CrowdStrike (Nasdaq: CRWD), today announced the release of the CrowdStrike 2023 Threat Hunting Report .
  • Covering adversary activity between July 2022 and June 2023, the report is the first to be published by CrowdStrike’s newly unveiled Counter Adversary Operations team , which was officially announced this week at Black Hat USA 2023.
  • Security leaders need to ask their teams if they have the solutions required to stop lateral movement from an adversary in just seven minutes.”
    Download your copy of the full 2023 CrowdStrike Threat Hunting Report on the CrowdStrike website.
  • Listen to the CrowdStrike Adversary Universe podcast to Know and Stop the Adversary.

Comcast Business Report Finds Global Cybersecurity Community at a Crossroads as Technology Advancements Accelerate

Retrieved on: 
Monday, July 31, 2023
Security, Consumer Electronics, Technology, Software, Networks, Internet, Theft, Log4j, Education, Health, TCP, Secure Network Programming, Denial-of-service attack, Apache, Organization, Comcast Business, Chosen-ciphertext attack, RDP, Transmission Control Protocol, Adversary, Xfinity, Research, Comcast, Risk management, Arms industry

Comcast Business today announced the release of its inaugural Comcast Business Cybersecurity Threat Report , presenting essential insights into the global cybersecurity landscape and effective strategies for technology and security leaders to safeguard their organizations against evolving cyber threats.

Key Points: 
  • Comcast Business today announced the release of its inaugural Comcast Business Cybersecurity Threat Report , presenting essential insights into the global cybersecurity landscape and effective strategies for technology and security leaders to safeguard their organizations against evolving cyber threats.
  • Key themes from this year’s report include:
    The majority of breaches now originate with the users of internal and external resources.
  • “Technology teams today are best served through a comprehensive suite of powerful security solutions orchestrated to provide multiple layers of security.”
    Download the 2023 Comcast Business Cybersecurity Threat Report here .
  • To learn more about how Comcast Business can help safeguard your organization from an evolving set of cybersecurity threats, please visit our website .

TaskUs Launches TaskGPT to Help Clients Unleash the Transformative Power of Generative AI in Customer Service Operations

Retrieved on: 
Thursday, June 1, 2023
LLM Communications, DNA, Human, Partnership, CX, Language, TaskUs, Prompt engineering, Machine learning, Algorithm, Generative, Knowledge, Entrepreneurship, AI, 2019 MoneyLion 300, Environment, Adversary, NYSE, Safety, Customer service, Sales, Synthetic media

NEW BRAUNFELS, Texas, June 01, 2023 (GLOBE NEWSWIRE) -- TaskUs, Inc. (Nasdaq: TASK), a leading provider of outsourced digital services and next-generation customer experience to the world’s most innovative companies, today announced the launch of TaskGPT, a powerful customer service application powered by Generative AI.

Key Points: 
  • The new offering builds on TaskUs’ work with the world’s leading generative AI companies creating powerful tools for its global business of 47,700 employees.
  • Today these tools help increase the efficiency of TaskUs frontline employees, power the company’s internal chatbot as well as evaluate employee language and customer service skills.
  • TaskUs consults with companies to drive customer engagement, improve customer service and enhance operations through the use of technology.
  • TaskGPT: TaskUs will continue to build tools based on Generative AI that will help its teammates and partners deliver best–in-class digital customer experiences and next generation customer support for its clients.

CardinalOps Updates Techniques in MITRE ATT&CK v13 Describing New Adversary Methods for Hijacking Corporate Email Systems

Retrieved on: 
Thursday, May 11, 2023
Sentinel, IBM, Microsoft Exchange, MITRE ATT&CK, Research, SOC, Google Workspace, Adversary, Splunk, MITRE, ATT&CK, Microsoft 365, Behavior, Organization, Mail, Risk management, SIEM

TEL-AVIV, Israel and BOSTON, May 11, 2023 /PRNewswire/ -- CardinalOps, the detection posture management company, today announced it contributed updates to the latest version of MITRE ATT&CK describing new ways in which adversary groups like LAPSUS$ hijack corporate email systems such as Office 365, Microsoft Exchange, and Google Workspace.

Key Points: 
  • As the industry-standard framework for understanding adversary playbooks and behavior, MITRE ATT&CK now contains over 600 techniques and sub-techniques employed by both cybercriminal and nation-state threat groups.
  • The updated methods contributed by CardinalOps are used by adversaries to abuse email transport rules.
  • These are the administrative rules that control how messages flow through corporate email systems.
  • Here are the techniques and sub-techniques that were updated in MITRE ATT&CK v13 based on research performed by Liran Ravich, cybersecurity architect at CardinalOps: