A SANS Review of Anomali ThreatStream
Cybersecurity is a daily, ongoing battle between sophisticated and motivated adversaries and defenders seeking to mitigate breaches and attacks and prevent them from occurring. A key strategy for security organizations that want to become intelligence-driven is to be proactive...
ESG Estimates a 233% ROI from Anomali Threat Intelligence Solutions
Never before has it been critical for enterprises to effectively empower an increasingly remote workforce with access to applications and resources across several geographic regions, networks, and devices.
Enterprises are often forced to...
Threat intelligence researchers are looking closely at REvil, the ransomware gang that infected up to 1,500 companies in a single swoop. A look at the group's online infrastructure shows clear lines to Russian and U.K. service providers that, in theory, could help law enforcement agencies but don't appear eager to...
Microsoft announced Monday a definitive agreement to buy RiskIQ, an attack surface management and threat intelligence firm. Last month, Microsoft acquired the firmware analysis company ReFirm Labs.
As ransomware attacks become more prolific, their success is being driven by the increasing use of specialists who can refine every stage of an attack. It's a reminder that the goal of cybercrime remains to maximize illicit profits as easily and quickly as possible.
It was stealthy, and it was widespread. But perhaps the Kaseya VSA ransomware attack wasn't quite as effective and damaging as initially feared, says Michael Daniel, president and CEO of the Cyber Threat Alliance. He explains where defenses succeeded.
REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators. And the operators are constantly improving the malware, including porting it to Linux to target network-attached storage and hypervisors.
The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.
In a multinational effort led by the Dutch National Police, authorities seized servers and web domains used by DoubleVPN, a Russia-based company that allegedly provided a safe operating infrastructure for cybercriminals, according to Europol.
The legitimate security penetration testing tool Cobalt Strike is increasingly being used by threat groups, especially those that are less technically proficient, according to a Proofpoint report. The security firm says the number of attacks using the tool rose by 161% from 2019 to 2020.
Cyberattackers are using malware dubbed "Crackonosh" to disable many antivirus programs, paving the way for installation of the XMRig cryptominer, according to Avast. So far, this approach has generated more than $2 million in monero for the attackers over the last seven months, the security firm reports.
The U.S. Secret Service has published a Most Wanted Fugitives list featuring 10 suspects wanted in connection with financial cybercrimes The agency is offering rewards of up to $1 million for information on two Ukrainian suspects who allegedly targeted the SEC in 2016.
A newly identified threat group is using a repurposed version of REvil ransomware to wage attacks, according to security company Secureworks’ Counter Threat Unit.
The Ponemon Institute found that today 75 percent of all organizations in the United States are not prepared to respond to an attack. Is yours among them?
By leveraging a highly effective combination of human and machine power, SOAR stacks can improve the efficiency of your incident response activities, reduce the...
The Korea Atomic Energy Research Institute, a South Korean organization, confirms it was recently hacked, apparently by a North Korean group that exploited a VPN vulnerability.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.
