Cybereason Blog | Cybersecurity News and Analysis
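<!doctype html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7" lang="en" > <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8" lang="en" > <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--><html class="no-js" lang="en"><!--<![endif]-->
<head>
  <meta charset="utf-8">
  <!-- Document head for the blog listing page: metadata, stylesheets, the consent-gated tag manager loader and third-party scripts. -->
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <meta name="author" content="Cybereason">
  <meta name="description" content="Get the latest research, expert insights, and security industry news.">
  <meta name="generator" content="HubSpot">
  <title>Cybereason Blog | Cybersecurity News and Analysis</title>
  <link rel="shortcut icon" href="https://www.cybereason.com/hubfs/cr-favicon-1.png">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta property="og:description" content="Get the latest research, expert insights, and security industry news.">
  <meta property="og:title" content="Cybereason Blog | Cybersecurity News and Analysis">
  <meta name="twitter:description" content="Get the latest research, expert insights, and security industry news.">
  <meta name="twitter:title" content="Cybereason Blog | Cybersecurity News and Analysis">
  <style> a.cta_button{-moz-box-sizing:content-box !important;-webkit-box-sizing:content-box !important;box-sizing:content-box !important;vertical-align:middle}.hs-breadcrumb-menu{list-style-type:none;margin:0px 0px 0px 0px;padding:0px 0px 0px 0px}.hs-breadcrumb-menu-item{float:left;padding:10px 0px 10px 10px}.hs-breadcrumb-menu-divider:before{content:'›';padding-left:10px}.hs-featured-image-link{border:0}.hs-featured-image{float:right;margin:0 0 20px 20px;max-width:50%}@media (max-width: 568px){.hs-featured-image{float:none;margin:0;width:100%;max-width:100%}}.hs-screen-reader-text{clip:rect(1px, 1px, 1px, 1px);height:1px;overflow:hidden;position:absolute !important;width:1px} </style>
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/module_assets/1/41681847227/1741488491170/module_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/module_assets/1/41682410610/1741488492472/module_CR_-_Malicious_Life_Network_--_Main_Hero.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/module_assets/1/41683226007/1741488493771/module_CR_-_Malicious_Life_Network_--_Featured_Post.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/module_assets/1/41891778605/1741488495726/module_CR_-_Malicious_Life_Network_--_Homepage_Main_Content.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/module_assets/1/101676211074/1741488775972/module_CR_-_Exit_Intent_--_No_Form_--_Flexible.min.css">
  <link rel="stylesheet" href="/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/project.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/module_assets/1/34473990280/1740999337265/module_CR_-_Footer_Full__en_US.min.css">
  <!-- Editor Styles -->
  <style id="hs_editor_style" type="text/css"> #hs_cos_wrapper_widget_f08b45e4-9942-4f08-a46e-f4c512b61694 { background-color: #000000 !important; background-image: none !important; border-color: #FF9902 !important; border-radius: 5px !important; border-style: dashed !important; border-width: 1px !important; display: block !important; margin-bottom: 20px !important; margin-top: 20px !important; padding-bottom: 10px !important; padding-left: 10px !important; padding-right: 10px !important; padding-top: 10px !important } </style>
  <!-- Added by GoogleTagManager integration -->
  <!-- NOTE(review): this inline script (and the other inline scripts and styles on the page) prevents a strict Content-Security-Policy without nonces or hashes. -->
  <script>
    var _hsp = window._hsp = window._hsp || [];
    window.dataLayer = window.dataLayer || [];
    function gtag(){dataLayer.push(arguments);}
    var useGoogleConsentModeV2 = true;
    var waitForUpdateMillis = 1000;
    // Injects the tag manager script once; every consent signal defaults to 'denied' before it loads.
    var hsLoadGtm = function loadGtm() {
      if(window._hsGtmLoadOnce) { return; }
      if (useGoogleConsentModeV2) {
        gtag('set','developer_id.dZTQ1Zm',true);
        gtag('consent', 'default', { 'ad_storage': 'denied', 'analytics_storage': 'denied', 'ad_user_data': 'denied', 'ad_personalization': 'denied', 'wait_for_update': waitForUpdateMillis });
        _hsp.push(['useGoogleConsentModeV2'])
      }
      (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-TJVVB7C');
      window._hsGtmLoadOnce = true;
    };
    // The loader runs only after the visitor allows tracking in general or the analytics category.
    _hsp.push(['addPrivacyConsentListener', function(consent){ if(consent.allowed || (consent.categories && consent.categories.analytics)){ hsLoadGtm(); } }]);
  </script>
  <!-- /Added by GoogleTagManager integration -->
  <!-- NOTE(review): the external scripts below run third-party code with full access to this page and are loaded without Subresource Integrity. For the version-pinned jQuery file, add integrity="sha384-PLACEHOLDER_HASH_OF_REVIEWED_FILE" and crossorigin="anonymous". The Typekit kit script is presumably generated per kit and may not be pinnable (confirm); restrict it with a Content-Security-Policy script-src allowlist instead. -->
  <script src="https://use.typekit.net/vyv2ljd.js"></script>
  <script>try{Typekit.load({ async: false });}catch(e){}</script>
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
  <link rel="preload" href="/hubfs/__dam/fonts/ionicons.eot" as="font" type="font/otf" crossorigin>
  <link rel="preload" href="/hubfs/dam/fonts/criteria/Criteria-CF-Regular.woff2" as="font" type="font/woff2" crossorigin>
  <link rel="preload" href="/hubfs/dam/fonts/criteria/Criteria-CF-Medium.woff2" as="font" type="font/woff2" crossorigin>
  <link rel="preload" href="/hubfs/dam/fonts/peristyle/Peristyle-Black.woff2" as="font" type="font/woff2" crossorigin>
  <meta property="og:url" content="https://www.cybereason.com/blog">
  <meta property="og:type" content="blog">
  <meta name="twitter:card" content="summary">
  <link rel="alternate" type="application/rss+xml" href="https://www.cybereason.com/blog/rss.xml">
  <meta name="twitter:domain" content="www.cybereason.com">
  <!-- Explicit https: instead of a protocol-relative URL, so the script is never fetched over plain HTTP. -->
  <script src="https://platform.linkedin.com/in.js" type="text/javascript"> lang: en_US
  </script>
  <meta http-equiv="content-language" content="en">
  <!-- Explicit https: instead of a protocol-relative URL. -->
  <link rel="stylesheet" href="https://7052064.fs1.hubspotusercontent-na1.net/hubfs/7052064/hub_generated/template_assets/DEFAULT_ASSET/1744216024290/template_layout.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/42363645447/1741528345735/template_hamburger-animation.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/34470477360/1743626992502/template_cr-master__main.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/34470223313/1741528336747/template_cr-master__cta.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/34470224480/1741528337131/template_cr-framework__bulma-columns.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/35291999472/1741528340159/template_cr-framework__bulma.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/35275979682/1741528339661/template_ionicons.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/42361739522/1741528344409/template_swiper-bundle.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/42361739563/1741528344974/template_swiper.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/42507091846/1741528346726/template_animate.min.css">
  <link rel="stylesheet" href="https://www.cybereason.com/hs-fs/hubfs/hub_generated/template_assets/1/42760289143/1741528346957/template_cr-mln__build.min.css">
  <meta property="og:image" content="https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-malicious-life-blog-home--featured.jpg">
  <!-- Attribute name corrected from "propety" to "property" so parsers recognise the tag. -->
  <meta property="og:description" content="Get the latest research, expert insights, and security industry news.">
  <link rel="preconnect" href="https://fonts.googleapis.com">
  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap" rel="stylesheet">
  <style> /*.row-fluid [class*="span"] {min-height: 0;}*/ </style>
</head>
<body class=" hs-content-id-65882240630 hs-blog-listing hs-blog-id-5272851739" style="">
<!-- Added by GoogleTagManager integration -->
<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-TJVVB7C" title="Google Tag Manager" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
<!-- /Added by GoogleTagManager integration -->
<div class="header-container-wrapper">
<div class="header-container container-fluid">
<div class="row-fluid-wrapper row-depth-1 row-number-1 ">
<div class="row-fluid ">
<div class="span12 widget-span widget-type-custom_widget " style="" data-widget-type="custom_widget" data-x="0" data-w="12">
<div id="hs_cos_wrapper_module_161361893843569" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"><section id="cr-malicious-life-network__tier-one-header" class="position-flex">
<div class="#">
<div id="logo"><a href="https://www.cybereason.com"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-logo-inline--primary-black.png" alt="Cybereason"></a></div>
<div id="back-to"> <a href="https://www.cybereason.com">Back to <span>Cybereason.com</span></a> </div>
<!-- Hamburger Menu -->
<button class="hamburger hamburger--collapse" type="button" aria-label="Menu"> <span class="hamburger-box"> <span class="hamburger-inner"></span> </span> </button>
<div class="cr-mln__hamburger-menu--overlay">
<ul>
<li><a href="https://www.cybereason.com/blog/all"><span class="underline">All Posts</span></a></li>
<li><a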
href="/blog/category/research"><span class="underline">Research</span></a></li> <li><a href="/blog/category/podcasts"><span class="underline">Podcasts</span></a></li> <li><a href="/blog/category/webinars"><span class="underline">Webinars</span></a></li> <li><a href="/blog/category/resources"><span class="underline">Resources</span></a></li> <li><a href="/blog/category/videos"><span class="underline">Videos</span></a></li> <li><a href="/blog/category/news"><span class="underline">News</span></a></li> </ul> <div class="subscribe"> <a href="#blog-subscribe">Subscribe</a> </div> </div> <!-- --> </div> </section></div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> <div class="row-fluid-wrapper row-depth-1 row-number-2 "> <div class="row-fluid "> <div class="span12 widget-span widget-type-custom_widget mln-homepage" style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_module_161361963674916" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"><section class="cr-malicious-life-network__hero-main"> <div class="container-is-blog columns hero-content page-center"> <div class="column is-5-fullhd is-5-desktop is-12-touch"> <a href="/blog"><img class="cr-mln-logo" src="https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-malicious-life-logo-v2.png"></a> </div> <div class="column is-7-fullhd is-7-desktop is-hidden-mobile is-hidden-tablet-only"> <div class="cr-mln__search-subscribe"> <div class="cr-mln__search"> <a href="#cr-search-modal" class="search-btn"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-blog-icon--search-dark-gray.png" alt="Search"></a> </div> <div class="cr-mln__subscribe"> <a class="btn-subscribe" href="#blog-subscribe">Subscribe</a> </div> </div> <div class="cr-mln__category-nav"> <ul> <li><a href="/blog/category/all"><span 
class="underline">All</span></a></li> <li><a href="/blog/category/research"><span class="underline">Research</span></a></li> <li><a href="/blog/category/podcasts"><span class="underline">Podcasts</span></a></li> <li><a href="/blog/category/webinars"><span class="underline">Webinars</span></a></li> <li><a href="/blog/category/resources"><span class="underline">Resources</span></a></li> <li><a href="/blog/category/videos"><span class="underline">Videos</span></a></li> <li><a href="/blog/category/news"><span class="underline">News</span></a></li> </ul> </div> </div> </div> <!-- MOBILE Search and Subscribe --> <div class="container-is-blog columns is-gapless is-hidden-desktop cr-mln__search-subscribe--mobile"> <div class="column"> <a class="search-btn">Search</a> </div> <div class="column"> <a class="#" href="#blog-subscribe">Subscribe</a> </div> </div> <!-- END MOBILE Search and Subscribe --> <!-- SEARCH Modal Wrap --> <div id="cr-search-modal"> <!--THIS IS IMPORTANT! to close the modal, the class name has to match the name given on the ID --> <div id="btn-close-modal" class="close-cr-search-modal"> X </div> <div class="modal-content"> <div class="container columns"> <div class="column"> <div class="cr-search-modal__search-bar"> <h3>Search</h3> <form action="/hs-search-results"> <input type="search" class="hs-search-field__input" name="term" autocomplete="on" placeholder="Search..."> <input type="hidden" name="type" value="BLOG_POST"> <input type="hidden" name="type" value="LISTING_PAGE"> <button type="submit" class="arrow"></button> </form> </div> </div> </div> </div> </div> <!-- END Search Modal Wrap --> </section></div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> </div><!--end header --> </div><!--end header wrapper --> <div class="body-container-wrapper"> <div class="body-container container-fluid"> <div class="row-fluid-wrapper row-depth-1 row-number-1 "> <div class="row-fluid "> <div class="span12 widget-span 
widget-type-custom_widget " style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_module_1613620164339133" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"> <section class="cr-malicious-life-network__featured-post"> <div class="container-is-blog columns is-gapless-touch page-center"> <div class="column is-12"> <div class="columns"> <div class="column is-6 is-12-touch featured-post__image"> <a href="https://www.cybereason.com/blog/threat-analysis-playboy-locker"> <img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%2813%29.png" loading="lazy"></a> </div> <div class="column is-6 is-12-touch featured-post__content"> <div class="content-bundle"> <span class="tag">FEATURED</span> <h2><a href="https://www.cybereason.com/blog/threat-analysis-playboy-locker"><span class="underline">The Curious Case of PlayBoy Locker</span></a></h2> <p>In this Threat Analysis report, Cybereason investigates the PlayBoy Locker, the new Ransomware-as-a-Service, and how to defend against it. 
<a href="https://www.cybereason.com/blog/threat-analysis-playboy-locker">Read More</a></p> </div> </div> </div> </div> </div> </section> </div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> <div class="row-fluid-wrapper row-depth-1 row-number-2 "> <div class="row-fluid "> <div class="span12 widget-span widget-type-custom_widget " style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_module_1614137141733223" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"> <section class="cr-malicious-life-network__homepage--main-content"> <div class="container-is-blog columns is-gapless page-center"> <!-- Latest Posts --> <div class="column is-9-fullhd is-8-desktop"> <section class="cr-malicious-life-network__latest-posts"> <h3>Latest Posts</h3> <div class="container columns is-multiline"> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/keeping-pace-with-ai-innovation"><img src="https://www.cybereason.com/hubfs/keeping%20up%20with%20ai%20innovation%20blog%20img.png" loading="lazy"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/keeping-pace-with-ai-innovation" class="post-name"><span class="underline">Are you keeping pace with Cyber Security AI innovation?</span></a> <p>AI is changing the landscape of detection methodology. In order to stay ahead of adversaries, Greg Day breaks down how cybersecurity vendors need to leverage AI within their threat detection, prevention & response. 
</p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/identifying-and-preventing-bin-attacks"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%2811%29.png" loading="lazy"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/identifying-and-preventing-bin-attacks" class="post-name"><span class="underline">Cracking the Code: How to Identify, Mitigate, and Prevent BIN Attacks</span></a> <p>Introducing the Security Configuration Snapshot, an innovative enhancement to traditional BEC investigations, helping to minimize impact of incidents. </p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/zero-day-vulnerabilities-vmware"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%289%29.png" loading="lazy"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/zero-day-vulnerabilities-vmware" class="post-name"><span class="underline">Three Zero-Day Vulnerabilities Discovered in VMware Products</span></a> <p>Three zero-day vulnerabilities, tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 have been discovered in nearly all VMware products.</p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/bec-email-signature-technique"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%288%29.png" loading="lazy"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/bec-email-signature-technique" class="post-name"><span class="underline">Deceptive Signatures: Advanced Techniques in BEC Attacks</span></a> <p>The Cybereason DFIR team has observed threat actors 
leveraging email signatures to enhance their phishing lures. Read about their full discovery into the tactic. </p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/bec-security-configuration-snapshot"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%287%29.png" loading="lazy"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/bec-security-configuration-snapshot" class="post-name"><span class="underline">Enhancing Business Email Compromise Incident Response: New Email & Cloud Security Configuration Snapshot</span></a> <p>Introducing the Security Configuration Snapshot, an innovative enhancement to traditional BEC investigations, helping to minimize impact of incidents. </p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/rsa-2025-key-submissions-trends"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%285%29.png" loading="lazy"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/rsa-2025-key-submissions-trends" class="post-name"><span class="underline">RSAC 2025 - Key Trends from 100s of ‘Hackers & Threats’ Talk Submissions</span></a> <p>From the perspective of an RSA committee member, Greg Day shares key trends that appeared in the RSA 2025 talk submissions</p> </div> </div> </div> <a class="cr-button cr-button__center cr-button__fill-yellow" href="/blog/category/all">See All Posts</a> </section> <!-- END Latest Posts --> <!-- Subscription Section --> <section class="cr-malicious-life-network__subscription-block"> <div class="subscription-block__content"> <span class="flag">Newsletter</span> <h3>Never miss a blog.</h3> <p>Get the latest research, expert insights, and security industry news...</p> </div> <div 
class="subscription-bar"> <!--<a class="cr-button cr-mln__subscribe" href="#blog-subscribe">Subscribe</a>--> <span id="hs_cos_wrapper_module_1614137141733223_blog_subscribe" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_blog_subscribe" style="" data-hs-cos-general-type="widget" data-hs-cos-type="blog_subscribe"><h3 id="hs_cos_wrapper_module_1614137141733223_blog_subscribe_title" class="hs_cos_wrapper form-title" data-hs-cos-general-type="widget_field" data-hs-cos-type="text">Subscribe Here!</h3> <div id="hs_form_target_module_1614137141733223_blog_subscribe_7385"></div> </span> </div> </section> <!-- END Subscription --> <!-- Latest Videos --> <section class="cr-malicious-life-network__latest-posts"> <h3>Latest Videos</h3> <div class="container columns is-multiline"> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-inside-the-redeemer-2.0-ransomware"><img src="https://www.cybereason.com/hubfs/blog-post-text%20%28124%29.png"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-inside-the-redeemer-2.0-ransomware" class="post-name"><span class="underline">THREAT ALERT: Inside the Redeemer 2.0 Ransomware</span></a> <p>A new and improved Redeemer 2.0 ransomware version was released on an underground forum and is described by the developers as a “C++ no dependency ransomware with no privacy intrusions” targeting the Windows OS with support for Windows 11 systems...</p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/improving-soc-workflows-with-cybereason-role-based-incident-response"><img src="https://www.cybereason.com/hubfs/blog-post-text%20%28112%29.png"></a> <div class="text-content-bundle"> <a 
href="https://www.cybereason.com/blog/improving-soc-workflows-with-cybereason-role-based-incident-response" class="post-name"><span class="underline">Improving SOC Workflows with Cybereason Role-Based Incident Response</span></a> <p>The Cybereason Defense Platform offers multi-tenancy capabilities to enable SOC teams to divide workflows based on roles...</p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-vs.-quantum-locker-ransomware"><img src="https://www.cybereason.com/hubfs/Vs%20%288%29.png"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/cybereason-vs.-quantum-locker-ransomware" class="post-name"><span class="underline">Cybereason vs. Quantum Locker Ransomware</span></a> <p>The AI-driven Cybereason XDR Platform detects and blocks MountLocker ransomware which launched back in September 2020. Since then, the attackers have rebranded the operation as AstroLocker, XingLocker, and now in its current phase, the Quantum Locker...</p> </div> </div> <div class="column is-6-fullhd is-6-desktop is-half-tablet is-full-mobile latest-posts__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/product/cybereason-xdr-intelligence-driven-hunting"><img src="https://www.cybereason.com/hubfs/blog-post-text%20%2841%29.png"></a> <div class="text-content-bundle"> <a href="https://www.cybereason.com/blog/product/cybereason-xdr-intelligence-driven-hunting" class="post-name"><span class="underline">Cybereason XDR: Intelligence-Driven Hunting and Investigation</span></a> <p>Threat intelligence is transparently integrated into every aspect of the AI-driven Cybereason XDR Platform to enable Threat Hunting for behavioral TTPs...</p> </div> </div> </div> <a class="cr-button cr-button__center cr-button__fill-yellow" href="/blog/category/videos"> More Videos</a> </section> <!-- END Latest Videos 
--> </div> <!-- END Latest Posts --> <div class="column is-3-fullhd is-4-desktop is-12-mobile cr-malicious-life-network__sidebar"> <div class="cr-ml-sidebar--group"> <div class="top-stripe"></div> <div class="sidebar-block search-section"> <form action="/hs-search-results"> <input type="search" class="hs-search-field__input" name="term" autocomplete="on" placeholder="Search"> <input type="hidden" name="type" value="BLOG_POST"> <input type="hidden" name="type" value="LISTING_PAGE"> <button type="submit" class="arrow"></button> </form> </div> <div class="sidebar-block subscribe"> <a href="#blog-subscribe"> <h4>Subscribe</h4> <span>Never miss a blog.</span> </a> </div> <div class="sidebar-block single-cat ceo-latest"> <h4>Webinar / ON-DEMAND</h4> <a class="featured-image" href="https://www.cybereason.com/resources/mitre-attck-2024-operational-excellence-defined"><img src="https://www.cybereason.com/hubfs/MITRE%202024%20CYBEREASON.png"></a> </div> <div class="sidebar-block single-cat ceo-latest"> <h4>Latest Research</h4> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-phorpiex-downloader"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%282%29.png"></a> </div> <div class="sidebar-block category-listing"> <h4>Categories</h4> <ul> <li><a href="https://www.cybereason.com/blog/category/research">Research</a></li> <li><a href="https://www.cybereason.com/blog/category/podcasts">Podcasts</a></li> <li><a href="https://www.cybereason.com/blog/category/webinars">Webinars</a></li> <li><a href="https://www.cybereason.com/blog/category/resources">Resources</a></li> <li><a href="https://www.cybereason.com/blog/category/videos">Videos</a></li> <li><a href="https://www.cybereason.com/blog/category/news">News</a></li> </ul> <a class="rec-category__single--view-all" href="/blog/category/research">All Posts</a> </div> </div> </div> </div> </section> </div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> 
<div class="row-fluid-wrapper row-depth-1 row-number-3 "> <div class="row-fluid "> <div class="span12 widget-span widget-type-custom_widget " style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_module_151388194052436" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module widget-type-blog_content" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"> <div class="hide"> <section class="cr-malicious-life-network__blog-listing"> <div class="container container-is-blog columns page-center"> <div class="column"> <div class="cr-mln__breadcrumbs"> <ul> <li><a href="/blog">Home</a></li> <li>All Posts</li> </ul> </div> <h2>All Posts</h2> </div> </div> <div class="container container-is-blog columns is-multiline page-center"> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-playboy-locker"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%2813%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-playboy-locker" class="post-name"><span class="underline">The Curious Case of PlayBoy Locker</span></a> <p>In this Threat Analysis report, Cybereason investigates the PlayBoy Locker, the new Ransomware-as-a-Service, and how to defend against it. 
</p> <p class="date-and-duration"> <span class="publish-date">March 25, 2025 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/keeping-pace-with-ai-innovation"><img src="https://www.cybereason.com/hubfs/keeping%20up%20with%20ai%20innovation%20blog%20img.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/keeping-pace-with-ai-innovation" class="post-name"><span class="underline">Are you keeping pace with Cyber Security AI innovation?</span></a> <p>AI is changing the landscape of detection methodology. In order to stay ahead of adversaries, Greg Day breaks down how cybersecurity vendors need to leverage AI within their threat detection, prevention & response. </p> <p class="date-and-duration"> <span class="publish-date">March 17, 2025 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/identifying-and-preventing-bin-attacks"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%2811%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/identifying-and-preventing-bin-attacks" class="post-name"><span class="underline">Cracking the Code: How to Identify, Mitigate, and Prevent BIN Attacks</span></a> <p>Introducing the Security Configuration Snapshot, an innovative enhancement to traditional BEC investigations, helping to minimize impact of incidents. 
</p> <p class="date-and-duration"> <span class="publish-date">March 11, 2025 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/zero-day-vulnerabilities-vmware"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%289%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/zero-day-vulnerabilities-vmware" class="post-name"><span class="underline">Three Zero-Day Vulnerabilities Discovered in VMware Products</span></a> <p>Three zero-day vulnerabilities, tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 have been discovered in nearly all VMware products.</p> <p class="date-and-duration"> <span class="publish-date">March 5, 2025 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/bec-email-signature-technique"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%288%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/bec-email-signature-technique" class="post-name"><span class="underline">Deceptive Signatures: Advanced Techniques in BEC Attacks</span></a> <p>The Cybereason DFIR team has observed threat actors leveraging email signatures to enhance their phishing lures. Read about their full discovery into the tactic. 
</p> <p class="date-and-duration"> <span class="publish-date">February 25, 2025 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/bec-security-configuration-snapshot"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%287%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/bec-security-configuration-snapshot" class="post-name"><span class="underline">Enhancing Business Email Compromise Incident Response: New Email & Cloud Security Configuration Snapshot</span></a> <p>Introducing the Security Configuration Snapshot, an innovative enhancement to traditional BEC investigations, helping to minimize impact of incidents. </p> <p class="date-and-duration"> <span class="publish-date">February 18, 2025 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/rsa-2025-key-submissions-trends"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%285%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/rsa-2025-key-submissions-trends" class="post-name"><span class="underline">RSAC 2025 - Key Trends from 100s of ‘Hackers & Threats’ Talk Submissions</span></a> <p>From the perspective of an RSA committee member, Greg Day shares key trends that appeared in the RSA 2025 talk submissions</p> <p class="date-and-duration"> <span class="publish-date">January 29, 2025 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" 
href="https://www.cybereason.com/blog/threat-analysis-phorpiex-downloader"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%282%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-phorpiex-downloader" class="post-name"><span class="underline">Phorpiex - Downloader Delivering Ransomware</span></a> <p>In this Threat Analysis report, Cybereason investigates the Phorpiex botnet that delivers LockBit Black Ransomware (aka LockBit 3.0).</p> <p class="date-and-duration"> <span class="publish-date">January 28, 2025 /</span> <span class="read-time"> 9 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cve-2025-23006-sonicwall-critical-vulnerability"><img src="https://www.cybereason.com/hubfs/BLOG_Images_SonicWall.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cve-2025-23006-sonicwall-critical-vulnerability" class="post-name"><span class="underline">CVE-2025-23006: Critical Vulnerability Discovered in SonicWall SMA 1000 Series</span></a> <p>A critical vulnerability, tracked as CVE-2025-23006, has been discovered in SonicWall SMA 1000 Series.</p> <p class="date-and-duration"> <span class="publish-date">January 24, 2025 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/mitre-2024-demonstrates-value-of-malop-technology"><img src="https://www.cybereason.com/hubfs/Screenshot%202025-01-17%20at%203.25.26%20PM.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/mitre-2024-demonstrates-value-of-malop-technology" class="post-name"><span class="underline">From Noise to Clarity: The Value of MalOp™ 
Technology in Modern Cyber Defense</span></a> <p>Dominic Rinaldi provides his take on the 2024 MITRE ATT&CK® Enterprise Evaluation and its validation of the value of the Cybereason MalOp Technology in the world of modern cyber defense.</p> <p class="date-and-duration"> <span class="publish-date">January 23, 2025 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/2024-mitre-critical-metrics"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v4_Page_1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/2024-mitre-critical-metrics" class="post-name"><span class="underline">"Out-of-the-Box" Detection Coverage: A Critical Metric for Endpoint Security</span></a> <p>Greg Day provides his take on the 2024 MITRE ATT&CK® Enterprise Evaluation and the importance of "Out-of-the-Box" Detection Coverage for Endpoint Security Solutions.</p> <p class="date-and-duration"> <span class="publish-date">December 31, 2024 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cve-2024-55956-cleo-vulnerability"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2%20%281%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cve-2024-55956-cleo-vulnerability" class="post-name"><span class="underline">CVE-2024-55956: Zero-Day Vulnerability in Cleo Software Could Lead to Data Theft</span></a> <p>A zero-day vulnerability, tracked as CVE-2024-55956, has been discovered in 3 Cleo products and is being exploited by CL0P ransomware group, leading to potential data theft </p> <p class="date-and-duration"> <span 
class="publish-date">December 17, 2024 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-rise-of-lummastealer"><img src="https://www.cybereason.com/hubfs/blog%20img%20lummastealer-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-rise-of-lummastealer" class="post-name"><span class="underline">Your Data Is Under New Lummanagement: The Rise of LummaStealer</span></a> <p>In this Threat Analysis report, Cybereason investigates the rising activity of the malware LummaStealer.</p> <p class="date-and-duration"> <span class="publish-date">December 17, 2024 /</span> <span class="read-time"> 14 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/2024-mitre-results"><img src="https://www.cybereason.com/hubfs/BLOG_Images_Template_v2.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/2024-mitre-results" class="post-name"><span class="underline">Leader in SOC Efficiency and Operational Excellence in MITRE ATT&CK 2024 Results</span></a> <p> In the 2024 MITRE ATT&CK® Enterprise Evaluation, Cybereason demonstrated why out-of-the-box detection coverage and operational efficiency matter more than ever.</p> <p class="date-and-duration"> <span class="publish-date">December 16, 2024 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/2025-predictions"><img src="https://www.cybereason.com/hubfs/2025%20PREDICTIONS%20BY%20GREG%20DAY.jpg"></a> <div 
class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/2025-predictions" class="post-name"><span class="underline">2025 Predictions by Greg Day</span></a> <p>At pace, gather enough evidence to understand what was occurring, the first goal being to contain the threat and minimize its impact on the business. </p> <p class="date-and-duration"> <span class="publish-date">December 11, 2024 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/new-cluster-andromeda-gamrue-c2"><img src="https://www.cybereason.com/hubfs/BLOG_Stellar-Discovery_v2.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/new-cluster-andromeda-gamrue-c2" class="post-name"><span class="underline">Stellar Discovery of A New Cluster of Andromeda/Gamarue C2</span></a> <p>In this Threat Analysis report, Cybereason investigates incidents relating to the Andromeda backdoor and a new cluster of C2 servers.</p> <p class="date-and-duration"> <span class="publish-date">December 3, 2024 /</span> <span class="read-time"> 8 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-merges-with-trustwave"><img src="https://www.cybereason.com/hubfs/TW-CR-Anka-Cybereason-CRBlog.jpg"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereason-merges-with-trustwave" class="post-name"><span class="underline">Cybereason Merges with Trustwave, Enhances MDR and Consulting Services</span></a> <p>In response to the growing need for end-to-end cyber solutions, Cybereason and Trustwave, a cybersecurity and managed security services leader, have merged to create an MDR powerhouse with end-to-end 
cybersecurity capabilities.</p> <p class="date-and-duration"> <span class="publish-date">November 12, 2024 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/insourcing-versus-outsourcing"><img src="https://www.cybereason.com/hubfs/BLOG%20POST%20%281%29-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/insourcing-versus-outsourcing" class="post-name"><span class="underline">Insourcing versus Outsourcing</span></a> <p>What should your own cybersecurity staff do in-house, and what should be taken as an outcome-based service? </p> <p class="date-and-duration"> <span class="publish-date">November 8, 2024 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/unlocking-the-potential-of-ai-in-cybersecurity-embracing-the-future-and-its-complexities"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ai-potential-cybersecurity-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/unlocking-the-potential-of-ai-in-cybersecurity-embracing-the-future-and-its-complexities" class="post-name"><span class="underline">Unlocking the Potential of AI in Cybersecurity: Embracing the Future and Its Complexities</span></a> <p>In this high-stakes game of cat and mouse, the use of artificial intelligence (AI) has emerged as a powerful tool in the fight against cyber threats.</p> <p class="date-and-duration"> <span class="publish-date">October 24, 2024 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile 
blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-operation-snow-white-part-2"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-252-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-operation-snow-white-part-2" class="post-name"><span class="underline">Malicious Life Podcast: Operation Snow White, Part 2</span></a> <p>Scientology spies were trained in all covert operations techniques: surveillance, recruiting agents, infiltrating enemy lines, and blackmail. However, a suspicious librarian and a determined FBI agent brought the largest single spy operation in US government history to an end.</p> <p class="date-and-duration"> <span class="publish-date">October 23, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-beast-ransomware"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/beast-ransomware-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-beast-ransomware" class="post-name"><span class="underline">THREAT ANALYSIS: Beast Ransomware</span></a> <p>In this Threat Analysis report, Cybereason investigates the Ransomware-as-a-Service (RaaS) known as Beast and how to defend against it through the Cybereason Defense Platform.</p> <p class="date-and-duration"> <span class="publish-date">October 18, 2024 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cuckoo-spear-pt2-threat-actor-arsenal"><img 
src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/cuckoo-spear-pt-2-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cuckoo-spear-pt2-threat-actor-arsenal" class="post-name"><span class="underline">CUCKOO SPEAR Part 2: Threat Actor Arsenal</span></a> <p>In this report, Cybereason confirms the ties between Cuckoo Spear and APT10 Intrusion Set by tying multiple incidents together and disclosing new information about this group’s new arsenal and techniques.</p> <p class="date-and-duration"> <span class="publish-date">October 4, 2024 /</span> <span class="read-time"> 13 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/the-silent-epidemic-uncovering-the-dangers-of-alert-fatigue-and-how-to-overcome-it"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/alert-fatigue-the-silent-epidemic-featured-blog.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/the-silent-epidemic-uncovering-the-dangers-of-alert-fatigue-and-how-to-overcome-it" class="post-name"><span class="underline">The Silent Epidemic: Uncovering the Dangers of Alert Fatigue and How to Overcome It</span></a> <p>In this blog post, we will take a deep dive into the risks of alert fatigue in the context of cyber attacks and security breaches and introduce how the Cybereason Defense Platform can help mitigate these risks.</p> <p class="date-and-duration"> <span class="publish-date">October 3, 2024 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-operation-snow-white-part-1"><img 
src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-251-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-operation-snow-white-part-1" class="post-name"><span class="underline">Malicious Life Podcast: Operation Snow White, Part 1</span></a> <p>In 1963, the FDA raided the headquarters of a budding new and esoteric religion - The Church of Scientology. In response to this and similar incidents to come, the church's founder - an eccentric science fiction author named L. Ron Hubbard - would go on to lead the single largest known government infiltration operation in United States history.</p> <p class="date-and-duration"> <span class="publish-date">October 1, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/on-premise-vs-cloud-based-edr"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/on-prem-vs-cloud-blog.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/on-premise-vs-cloud-based-edr" class="post-name"><span class="underline">The Great Debate: On-Premise vs. 
Cloud based EDR</span></a> <p>Should businesses prioritize cloud-based or on-premise cybersecurity solutions, or are CIOs being influenced by a variety of strategic factors and opting for a hybrid approach?</p> <p class="date-and-duration"> <span class="publish-date">September 18, 2024 /</span> <span class="read-time"> 7 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-caught-in-the-crossfire-infighting-and-treason-in-russias-cyber-world"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-250-featured-image.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-caught-in-the-crossfire-infighting-and-treason-in-russias-cyber-world" class="post-name"><span class="underline">Malicious Life Podcast: Infighting and Treason in Russia’s Cyber World</span></a> <p>On Dec. 5, 2016, two senior Russian Intelligence officers and two civilians were arrested and accused of treason. A few weeks later, when Western journalists were finally able to speak with the men’s lawyers, they learned that the case was based on events that were, oddly enough, already widely known. 
This made the arrests even more peculiar.</p> <p class="date-and-duration"> <span class="publish-date">September 17, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cuckoo-spear-analyzing-noopdoor"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/cuckoo-spear-part-1-analysis-blog-analysis-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cuckoo-spear-analyzing-noopdoor" class="post-name"><span class="underline">CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective</span></a> <p>In this report, Cybereason confirms the ties between Cuckoo Spear and APT10 Intrusion Set by tying multiple incidents together and disclosing new information about this group’s new arsenal and techniques.</p> <p class="date-and-duration"> <span class="publish-date">September 13, 2024 /</span> <span class="read-time"> 11 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/soc-modernization-where-are-you-on-the-evolutionary-journey"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/soc-modernization-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/soc-modernization-where-are-you-on-the-evolutionary-journey" class="post-name"><span class="underline">SoC Modernization: Where are you on the Evolutionary Journey? And how do you compare to your peers?</span></a> <p>Many organizations today will tell you they have a next-generation Security Operations Centre (SoC). 
But should we continue to optimize, or do we actually need to evolve and change some of the fundamental principles of the next generation SoC?</p> <p class="date-and-duration"> <span class="publish-date">September 11, 2024 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-snap-fraud-getting-rich-by-stealing-from-the-poor"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/ML-Ep-249-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-snap-fraud-getting-rich-by-stealing-from-the-poor" class="post-name"><span class="underline">Malicious Life Podcast: SNAP Fraud: Getting Rich by Stealing from the Poor</span></a> <p>SNAP - better known as food stamps - goes back to the Great Depression. The physical stamps were replaced with EBT cards in the 1990s, but since these cards are without the secure EMV chip technology, enterprising criminals found innovative ways to drain funds meant for low-income families.</p> <p class="date-and-duration"> <span class="publish-date">September 5, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-hollywood-con-queen-pt2"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-248-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-hollywood-con-queen-pt2" class="post-name"><span class="underline">Malicious Life Podcast: The Hollywood Con Queen, Part 2</span></a> <p>Nicole Kotsianas, an investigator with K2 Intelligence, made it her personal 
mission to hunt down the Hollywood Con Queen, who cruelly tormented her victims and shattered their dreams. Nicole's efforts bore unexpected fruits, when she discovered that the Con Queen was actually… a man.</p> <p class="date-and-duration"> <span class="publish-date">August 27, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-hollywood-con-queen-pt1"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-247-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-hollywood-con-queen-pt1" class="post-name"><span class="underline">Malicious Life Podcast: The Hollywood Con Queen, Part 1</span></a> <p>In 2015, two aspiring script writers flew to Indonesia to meet with executives of a large Chinese film corporation. It was a trap: the Hollywood Con Queen not only conned them out of tens of thousands of dollars, she also cruelly ruined their friendship. Two years later, a corporate investigator working for a big shot Hollywood producer, made a discovery that put her on the trail of this master of deceit.</p> <p class="date-and-duration"> <span class="publish-date">August 14, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/capability-vs-usability"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/capability-vs-usability-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/capability-vs-usability" class="post-name"><span class="underline">Capability vs. 
Usability</span></a> <p>Some CISOs I know work on a premise that for every one new technology deployed, two should be removed. I wonder if we tried to apply a similar principle to the operational aspects of cybersecurity, how far we could progress.</p> <p class="date-and-duration"> <span class="publish-date">August 1, 2024 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-doomed-queens-secret-ciphers"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-246-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-doomed-queens-secret-ciphers" class="post-name"><span class="underline">Malicious Life Podcast: The Doomed Queen’s Secret Ciphers</span></a> <p>Discover how George Lasry, a modern codebreaker, uncovered the secrets of Mary, Queen of Scots, hidden in the French National Library for over 400 years. 
This episode delves into the painstaking process and the historical impact of decoding these ancient messages, revealing the hidden motives and desperate actions of a doomed queen.</p> <p class="date-and-duration"> <span class="publish-date">July 31, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cuckoo-spear"><img src="https://www.cybereason.com/hubfs/BLOG%20POST%20%281%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cuckoo-spear" class="post-name"><span class="underline">Cuckoo Spear – the latest Nation-state Threat Actor targeting Japanese companies</span></a> <p>In this blog, you learn about a highly sophisticated, well-funded, and strategically motivated nation-state cybersecurity threat called cuckoo spear.</p> <p class="date-and-duration"> <span class="publish-date">July 25, 2024 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-why-did-people-write-viruses-in-the-80s-and-90s"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-245-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-why-did-people-write-viruses-in-the-80s-and-90s" class="post-name"><span class="underline">Malicious Life Podcast: Why Did People Write Viruses In The 80s & 90s?</span></a> <p>Why did people write malware in the pre-internet days? Back then, there was no way to make money by writing malware. So why write them in the first place? 
The lack of a financial motivation meant that virus authors had a plethora of other motives - and this diverse mix of motives had, as we shall hear, an interesting effect on the design and style of viruses created at that period.</p> <p class="date-and-duration"> <span class="publish-date">July 15, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/hardening-of-hardbit"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/hardbit-threat-analysis-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/hardening-of-hardbit" class="post-name"><span class="underline">Hardening of HardBit</span></a> <p>In this Threat Analysis report, Cybereason Security Services investigates HardBit Ransomware version 4.0, a new version observed in the wild.</p> <p class="date-and-duration"> <span class="publish-date">July 10, 2024 /</span> <span class="read-time"> 14 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-section-230-the-law-that-makes-social-media-great-and-terrible"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-244-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-section-230-the-law-that-makes-social-media-great-and-terrible" class="post-name"><span class="underline">Malicious Life Podcast: Section 230: The Law that Makes Social Media Great, and Terrible</span></a> <p>Section 230 is the pivotal law that has enabled the rise of social media -while sparking heated debates over its implications. 
In this episode, we're charting the history of Section 230, from early landmark legal battles, to modern controversies, and exploring its complexities and the proposed changes that could redefine online speech and platform responsibility.</p> <p class="date-and-duration"> <span class="publish-date">June 26, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/i-am-goot-loader"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/goot-loader-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/i-am-goot-loader" class="post-name"><span class="underline">I am Goot (Loader)</span></a> <p>In this Threat Analysis report, Cybereason Security Services investigate the rising activity of the malware GootLoader. GootLoader is a malware loader known to abuse JavaScript to download post-exploitation malware/tools and persist within the infected machine.</p> <p class="date-and-duration"> <span class="publish-date">June 25, 2024 /</span> <span class="read-time"> 11 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-what-happened-at-uber"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-243-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-what-happened-at-uber" class="post-name"><span class="underline">Malicious Life Podcast: What Happened at Uber?</span></a> <p>In 2016, Joe Sullivan, former CISO of Facebook, was at the peak of his career. 
As Uber's new CISO, he and his team had just successfully prevented data from a recent breach from leaking to the internet. But less than a year later, Sullivan was unexpectedly fired from Uber, and three years later, the US Department of Justice announced criminal charges against him. So, what happened at Uber?</p> <p class="date-and-duration"> <span class="publish-date">June 11, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-the-xz-backdoor"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/xy-backdoor-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-the-xz-backdoor" class="post-name"><span class="underline">THREAT ALERT: The XZ Backdoor - Supply Chaining Into Your SSH</span></a> <p>This supply chain attack aims to compromise the integrity of Secure Shell (SSH) - a cryptographic network protocol used to operate systems using remote command execution over an unsecured network.</p> <p class="date-and-duration"> <span class="publish-date">May 29, 2024 /</span> <span class="read-time"> 7 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-nigerian-prince"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-242-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-nigerian-prince" class="post-name"><span class="underline">Malicious Life Podcast: The Nigerian Prince</span></a> <p>In this episode of ML, we're exploring the history of the well-known Nigerian Prince scam, also known as 419 or advance-fee 
scam, from its roots in a Parisian prison during the French Revolution, to the economic and social reason why this particular scam became so popular with African youth. Also, will AI make such scams more dangerous - or, counter intuitively, go against the interests of scammers?</p> <p class="date-and-duration"> <span class="publish-date">May 28, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/unmasking-secrets-the-rise-of-open-source-intelligence"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-241-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/unmasking-secrets-the-rise-of-open-source-intelligence" class="post-name"><span class="underline">Malicious Life Podcast: Unmasking Secrets: The Rise of Open-Source Intelligence</span></a> <p>Dive into the world of open-source intelligence (OSINT) in this episode, where we uncover how ordinary citizens use publicly available data to unravel some of the most complex global mysteries. From tracking conflicts in real-time to exposing the truth behind high-profile incidents like the downing of Malaysia Airlines flight MH17, discover how OSINT is revolutionizing the field of investigative journalism and transforming how we perceive and verify information. 
</p> <p class="date-and-duration"> <span class="publish-date">May 17, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/behind-closed-doors-the-rise-of-hidden-malicious-remote-access"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/behind-closed-doors-rise-of-remote-access-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/behind-closed-doors-the-rise-of-hidden-malicious-remote-access" class="post-name"><span class="underline">Behind Closed Doors: The Rise of Hidden Malicious Remote Access</span></a> <p>In this Threat Analysis Report, Cybereason’s Security Research Team explores the security implications, vulnerabilities, and potential mitigation strategies surrounding Hidden VNC (hVNC) and Hidden RDP (hRDP).</p> <p class="date-and-duration"> <span class="publish-date">May 6, 2024 /</span> <span class="read-time"> 9 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/the-source-code-of-malicious-life"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-240-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/the-source-code-of-malicious-life" class="post-name"><span class="underline">Malicious Life Podcast: The Source Code of Malicious Life</span></a> <p>A few weeks ago we had a listener’s meetup in New York, and as part of that meetup, I gave a talk in which I discussed how Malicious Life came to be - a story that goes back to my days as a ship's captain in the Israeli Navy - and then about how me and Nate craft the stories that you hear every other week. 
That last part, I hope, might also be beneficial to those of you, our listeners, who find themselves giving talks about technically complex ideas, cyber-related or not. The storytelling ideas and techniques I laid out in the talk are universal, and you’ll find them in blockbuster movies as well as podcast episodes. </p> <p class="date-and-duration"> <span class="publish-date">May 1, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-y2k-bug-part-2"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-239-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-y2k-bug-part-2" class="post-name"><span class="underline">Malicious Life Podcast: The Y2K Bug Pt. 2</span></a> <p>In the waning years of the 20th century, amid growing anxieties about the turn of the millennium, one man, Robert Bemer, observed the unfolding drama from his remote home on King Possum Lake. A revered figure in computing, Bemer had early on flagged a significant, looming issue known as the Y2K bug, which threatened to disrupt global systems as calendars rolled over to the year 2000. 
This episode delves into Bemer's life during this critical period, exploring his predictions, the ensuing global frenzy to avert disaster, and the disparate views on whether the billions spent in prevention were justified or merely a response to a misunderstood threat.</p> <p class="date-and-duration"> <span class="publish-date">April 23, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-y2k-bug-part-1"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ml-ep-238-card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-y2k-bug-part-1" class="post-name"><span class="underline">Malicious Life Podcast: The Y2K Bug Pt. 1</span></a> <p>In the 1950s and 60s - even leading into the 1990s - the cost of storage was so high, that using a 2-digit field for dates in a software instead of 4-digits could save an organization between $1.2-$2 Million dollars per GB of data. From this perspective, programming computers in the 1950s to record four-digit years would’ve been outright malpractice. 
But 40 years later, this shortcut became a ticking time bomb which one man, computer scientist Bob Bemer, was trying to defuse before it was too late.</p> <p class="date-and-duration"> <span class="publish-date">April 1, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereasons-evolution-to-disrupt-beyond-siem-and-xdr-market"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/cybereason-sdr-evolution-blog-featured-2.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereasons-evolution-to-disrupt-beyond-siem-and-xdr-market" class="post-name"><span class="underline">Cybereason’s evolution to disrupt beyond SIEM and XDR market</span></a> <p>Cybereason SDR delivers a comprehensive cybersecurity solution that converges EPP, detection and response (EDR and XDR), SIEM, and Observability into a unified cybersecurity service portal.</p> <p class="date-and-duration"> <span class="publish-date">March 25, 2024 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-the-anydesk-breach-aftermath"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/anydesk-breach-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-the-anydesk-breach-aftermath" class="post-name"><span class="underline">Threat Alert: The Anydesk Breach Aftermath</span></a> <p>AnyDesk, one of the world’s leading providers of Remote Management and Monitoring (RMM) software, confirmed they had identified a compromise of production systems.</p> <p class="date-and-duration"> <span 
class="publish-date">March 22, 2024 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-can-you-bomb-a-hacker"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ml-ep-237-card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-can-you-bomb-a-hacker" class="post-name"><span class="underline">Malicious Life Podcast: Can You Bomb a Hacker?</span></a> <p>The 2008 Russo-Georgian War marked a turning point: the first time cyberattacks were used alongside traditional warfare. But what happens when the attackers aren't soldiers, but ordinary citizens? This episode delves into the ethical and legal implications of civilian participation in cyberwarfare, examining real-world examples from Ukraine and beyond.</p> <p class="date-and-duration"> <span class="publish-date">March 19, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/beware-of-the-messengers-exploiting-activemq-vulnerability"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/activemq-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/beware-of-the-messengers-exploiting-activemq-vulnerability" class="post-name"><span class="underline">Beware of the Messengers, Exploiting ActiveMQ Vulnerability</span></a> <p>In this Threat Analysis Report, Cybereason Security Services examines an incident on a Linux server, which saw malicious shell (bash) executions from a Java process running Apache ActiveMQ. 
</p> <p class="date-and-duration"> <span class="publish-date">March 13, 2024 /</span> <span class="read-time"> 10 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/bridging-the-gap-balancing-security-compliance-and-innovation-in-cybersecurity"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/bridging-th-gap-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/bridging-the-gap-balancing-security-compliance-and-innovation-in-cybersecurity" class="post-name"><span class="underline">Bridging the Gap: Balancing Security Compliance and Innovation in Cybersecurity</span></a> <p>Cybereason On-Prem delivers all the state-of-the-art features and capabilities of modern EDR tools while allowing organizations to maintain control over their security infrastructure within their own premises</p> <p class="date-and-duration"> <span class="publish-date">March 6, 2024 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/unboxing-snake-python-infostealer-lurking-through-messaging-service"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/snake-python-infostealer-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/unboxing-snake-python-infostealer-lurking-through-messaging-service" class="post-name"><span class="underline">Unboxing Snake - Python Infostealer Lurking Through Messaging Services</span></a> <p>In this Threat Analysis Report, Cybereason Security Services dives into the Python Infostealer, delivered via GitHub and GitLab, that ultimately exfiltrates credentials via Telegram Bot API 
or other well known platforms.</p> <p class="date-and-duration"> <span class="publish-date">March 5, 2024 /</span> <span class="read-time"> 9 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/ransomware-true-cost-to-business-2024"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ransomware-true-cost-2024-bloog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ransomware-true-cost-to-business-2024" class="post-name"><span class="underline">Ransomware: True Cost to Business 2024</span></a> <p>The threat continues to evolve, but it's clear from the research that business’ ransomware resilience plans are not keeping pace. So, test your capabilities and resources, involve the rest of the business, and consider if you have the adequacy and scale or whether you need third party services to ensure you have a plan fit for both today’s and tomorrow's attacks. </p> <p class="date-and-duration"> <span class="publish-date">March 4, 2024 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-kevin-mitnick-part-2"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ml-ep-236-card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-kevin-mitnick-part-2" class="post-name"><span class="underline">Malicious Life Podcast: Kevin Mitnick, Part 2</span></a> <p>In 1991, Kevin Mitnick was bouncing back from what was probably the lowest point of his life. 
He began to rebuild his life: he started working out and lost a hundred pounds, and most importantly - he was finally on the path towards ditching his self-destructive obsession of hacking.</p> <p class="date-and-duration"> <span class="publish-date">March 1, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/announcing-cybereason-on-prem"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/on-prem-announcement-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/announcing-cybereason-on-prem" class="post-name"><span class="underline">Announcing Cybereason On-Prem</span></a> <p>Many of our customers choose Cybereason On-Prem to simplify their data and critical infrastructure compliance with the flexibility to deploy in on-prem server rooms, private data centers or private cloud environments.</p> <p class="date-and-duration"> <span class="publish-date">February 20, 2024 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-kevin-mitnick-part-1"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ml-ep-235-card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-kevin-mitnick-part-1" class="post-name"><span class="underline">Malicious Life Podcast: Kevin Mitnick, Part 1</span></a> <p>For Kevin Mitnick - perhaps the greatest social engineer who ever lived - hacking was an obsession: even though it ruined his marriage, landed him in scary correction facilities and almost cost him his sanity in solitary confinement, Mitnick 
wasn't able to shake the disease that compelled him to keep breaking into more and more communication systems. </p> <p class="date-and-duration"> <span class="publish-date">February 19, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/from-cracked-to-hacked-malware-spread-via-youtube-videos"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/youtube-malware-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/from-cracked-to-hacked-malware-spread-via-youtube-videos" class="post-name"><span class="underline">From Cracked to Hacked: Malware Spread via YouTube Videos</span></a> <p>Learn how to detect and prevent a new attack vector being exploited in low-burn, low-cost campaigns using compromised YouTube accounts to spread malware.</p> <p class="date-and-duration"> <span class="publish-date">February 12, 2024 /</span> <span class="read-time"> 12 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-ivanti-connect-secure-vpn-zero-day-exploitation"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ivanti-threat-alert-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-ivanti-connect-secure-vpn-zero-day-exploitation" class="post-name"><span class="underline">THREAT ALERT: Ivanti Connect Secure VPN Zero-Day Exploitation</span></a> <p>Cybereason issues Threat Alerts to inform customers of emerging impacting threats, including critical vulnerabilities such as the Ivanti Connect Secure VPN Zero-Day exploitation. 
Cybereason Threat Alerts summarize these threats and provide practical recommendations for protecting against them.</p> <p class="date-and-duration"> <span class="publish-date">February 6, 2024 /</span> <span class="read-time"> 9 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-sim-registration-security-or-surveillance"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ml-ep-234-card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-sim-registration-security-or-surveillance" class="post-name"><span class="underline">Malicious Life Podcast: SIM Registration: Security, or Surveillance?</span></a> <p>Right now, hundreds of thousands of people in the southern African country of Namibia are faced with a choice. At the end of next month, their phone service is going to be shut off permanently: to prevent that from happening, they’ll have to give up their data privacy. As a result, nearly two million Namibian citizens are facing a data privacy problem which may haunt them for years to come - and hundreds of thousands more are set to join them, or else they’ll lose their phone service for good. 
All of which raises the question: was making everybody register their SIM cards a good idea in the first place?</p> <p class="date-and-duration"> <span class="publish-date">February 5, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-darkgate-loader"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/darkgate-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-darkgate-loader" class="post-name"><span class="underline">THREAT ALERT: DarkGate Loader</span></a> <p>The execution of DarkGate Loader ultimately leads to execution of post-exploitation tools such as Cobalt Strike and Meterpreter. This Threat Alert provides an overview of an attack involving DarkGate Loader.</p> <p class="date-and-duration"> <span class="publish-date">January 29, 2024 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-mariposa-botnet"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-233-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-mariposa-botnet" class="post-name"><span class="underline">Malicious Life Podcast: The Mariposa Botnet</span></a> <p>In 2008, the 12-million-PC-strong Mariposa Botnet infected almost half of the Fortune 100 companies - but the three men who ran it were basically script kiddies who didn't even know how to code.</p> <p class="date-and-duration"> <span class="publish-date">January 22, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column 
is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/whats-on-the-smartest-cybersecurity-minds-for-2024"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/smartest-cybersecurity-minds-2024-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/whats-on-the-smartest-cybersecurity-minds-for-2024" class="post-name"><span class="underline">What’s on the Smartest Cybersecurity Minds for 2024?</span></a> <p>I had the huge privilege of being on the program committee for the RSA Conference 2024, reviewing the always popular track: Hackers and Threats, which were a great indicator of the challenges we should expect to see in the coming year.</p> <p class="date-and-duration"> <span class="publish-date">January 16, 2024 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-real-story-of-citibanks-10m-hack"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-232-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-real-story-of-citibanks-10m-hack" class="post-name"><span class="underline">Malicious Life Podcast: The Real Story of Citibank’s $10M Hack</span></a> <p>Vladimir Levin is often presented as "the first online bank robber," and appears on many lists of the "Top 10 Greatest Hackers." But a few veteran Russian hackers claim that Levin's infamous hack had been mangled by the journalists who wrote about it. 
What's the truth behind the 1994 $10.7 million Citibank hack?…</p> <p class="date-and-duration"> <span class="publish-date">January 9, 2024 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-how-to-hack-into-satellites"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-231-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-how-to-hack-into-satellites" class="post-name"><span class="underline">Malicious Life Podcast: How to Hack Into Satellites</span></a> <p>About a year ago, six academics from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security set out to survey engineers and developers on the subject of satellite cybersecurity. But most of these engineers were very reluctant to share any details about their satellites and their security aspects. Why were satellite engineers so reticent to talk about cybersecurity? What was so secretive, so wrong with it, that they didn’t feel they could answer even general questions, anonymously? 
Because let’s be clear: if there’s something wrong with the security of satellites, that’d be a serious problem.</p> <p class="date-and-duration"> <span class="publish-date">December 27, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-citrixbleed-cve-2023-4966"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/citrixbleed-featured-image.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-citrixbleed-cve-2023-4966" class="post-name"><span class="underline">THREAT ALERT: CITRIXBLEED (CVE-2023-4966)</span></a> <p>Cybereason issues Threat Alerts to inform customers of emerging threats, including critical vulnerabilities such as CitrixBleed. Cybereason Threat Alerts summarize these threats and provide practical recommendations for protecting against them.</p> <p class="date-and-duration"> <span class="publish-date">December 18, 2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-moonlight-maze"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-230-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-moonlight-maze" class="post-name"><span class="underline">Malicious Life Podcast: Moonlight Maze</span></a> <p>When investigators discovered in 1996 that US military networks were being extensively hacked, they didn't realize they were witnessing the birth of what would become Russia's formidable Turla APT espionage group. 
We uncover the 20-year metamorphosis of this original group of hackers into one of the most sophisticated and dangerous state-sponsored threats that's still active today.</p> <p class="date-and-duration"> <span class="publish-date">December 11, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-volt-typhoon"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-229-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-volt-typhoon" class="post-name"><span class="underline">Malicious Life Podcast: Volt Typhoon</span></a> <p>In August 2021, a port in Houston, Texas, was attacked. Over the following months, a series of attacks occurred in various locations, reminiscent of a serial killer's pattern. Targets included telecommunications companies, government agencies, power plants, and water treatment facilities. 
How did Volt Typhoon manage to evade authorities and analysts for such an extended period?</p> <p class="date-and-duration"> <span class="publish-date">November 28, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-djvu-variant-delivered-by-loader-masquerading-as-freeware"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/threat-alert-DJvu-variant-featured-image.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-djvu-variant-delivered-by-loader-masquerading-as-freeware" class="post-name"><span class="underline">THREAT ALERT: DJvu Variant Delivered by Loader Masquerading as Freeware</span></a> <p>The Cybereason Security Services Team is investigating incidents that involve variants of the DJvu ransomware delivered via loader payloads masquerading as freeware or cracked software. 
</p> <p class="date-and-duration"> <span class="publish-date">November 28, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/2024-cybersecurity-predictions-generative-ai-reshapes-cybersecurity"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/2024-Cybersecurity-Predictions%20-%20Generative-GD-Featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/2024-cybersecurity-predictions-generative-ai-reshapes-cybersecurity" class="post-name"><span class="underline">2024 Cybersecurity Predictions - Generative AI Reshapes Cybersecurity</span></a> <p>In the last six to nine months, I don’t think I’ve been at any cybersecurity meeting where Generative AI was not a key topic. As such, it’s no great surprise that generative AI has a strong influence on my predictions for 2024! </p> <p class="date-and-duration"> <span class="publish-date">November 27, 2023 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-inc-ransomware"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/threat-alert-inc-ransomware-featured-image.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-inc-ransomware" class="post-name"><span class="underline">THREAT ALERT: INC Ransomware</span></a> <p>Cybereason issues Threat Alerts to inform customers of emerging impacting threats, including new ransomware actors such as the emergent group INC Ransom. 
Cybereason Threat Alerts summarize these threats and provide practical recommendations for protecting against them.</p> <p class="date-and-duration"> <span class="publish-date">November 20, 2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-is-nso-evil-part-2"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-228-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-is-nso-evil-part-2" class="post-name"><span class="underline">Malicious Life Podcast: Is NSO Evil? Part 2</span></a> <p>By the time Forbidden Stories published its “Pegasus Project” in 2021, NSO was already knee deep in what was probably the worst PR disaster ever suffered by a cybersecurity company - and then, in November 2021, came the fateful blow: the US Dept. of Commerce added NSO to its “Entity List.” Is NSO to blame for its troubles? Could the company have acted differently to prevent its downfall?</p> <p class="date-and-duration"> <span class="publish-date">November 13, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-is-nso-evil-part-1"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-227-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-is-nso-evil-part-1" class="post-name"><span class="underline">Malicious Life Podcast: Is NSO Evil? 
Part 1</span></a> <p>NSO Group, creator of the infamous Pegasus spyware, is widely regarded as a vile, immoral company: a sort of 21st century soldier of fortune, a mercenary in the service of corrupt and evil regimes. Yet among its many clients are many liberal democracies, including the US, Germany, the Netherlands and Spain, to name but a few. So, is NSO really as evil as many think it is?</p> <p class="date-and-duration"> <span class="publish-date">October 30, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/eu-network-information-security"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/eu-network-information-security-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/eu-network-information-security" class="post-name"><span class="underline">EU Network Information Security</span></a> <p>It's not surprising that in the last couple of months the requests of “are you EU Network Information Security Directive (NISD) v2 compliant?” are starting to come in. 
What would seem like a simple GRC yes no question is in fact complex.</p> <p class="date-and-duration"> <span class="publish-date">October 25, 2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/2023-extended-detection-response-xdr-buyers-guide"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/exdr-buyers-guide-23-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/2023-extended-detection-response-xdr-buyers-guide" class="post-name"><span class="underline">2023 Extended Detection & Response (XDR) Buyer’s Guide</span></a> <p>To support cyber defenders to achieve tangible business benefits and deliver effective security outcomes, Cybereason has developed a comprehensive Extended Detection & Response (XDR) Buyer’s Guide.</p> <p class="date-and-duration"> <span class="publish-date">October 24, 2023 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/not-all-epp-security-is-the-same-changing-the-guard"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/epp-changing-of-the-guard-blog-featured.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/not-all-epp-security-is-the-same-changing-the-guard" class="post-name"><span class="underline">NOT all EPP Security is the Same - Changing the Guard!</span></a> <p>Exploring the hard work that goes into keeping pace with the ever evolving and increasingly complex threats as well as the challenge of ensuring endpoints are secure against them.</p> <p class="date-and-duration"> <span class="publish-date">October 23, 
2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-should-you-pay-ransomware-attackers-a-game-theory-approach"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-226-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-should-you-pay-ransomware-attackers-a-game-theory-approach" class="post-name"><span class="underline">Malicious Life Podcast: Should You Pay Ransomware Attackers? A Game Theory Approach</span></a> <p>The FBI explicitly advises companies against paying ransomware attackers - but itself paid 4.4 million dollars worth of Bitcoin after the Colonial Pipeline attack. So, should you listen to what the experts say, or follow what they occasionally do? It’s complicated, but we can model this problem.</p> <p class="date-and-duration"> <span class="publish-date">October 17, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-taking-shortcuts-using-lnk-files-for-initial-infection-and-persistence"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/threat-analysis-lnk-files-featured-image.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-taking-shortcuts-using-lnk-files-for-initial-infection-and-persistence" class="post-name"><span class="underline">THREAT ANALYSIS: Taking Shortcuts… Using LNK Files for Initial Infection and Persistence</span></a> <p>In this Threat Analysis report, Cybereason investigates and explores various techniques for abusing the Windows Shortcut file format.</p>
<p class="date-and-duration"> <span class="publish-date">October 6, 2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-silent-firewalls-the-underrepresentation-of-women-in-cyber"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-225-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-silent-firewalls-the-underrepresentation-of-women-in-cyber" class="post-name"><span class="underline">Malicious Life Podcast: Silent Firewalls: The Underrepresentation of Women in Cyber</span></a> <p>In the vast landscape of STEM, women constitute a mere 28% of the workforce. Yet, when we zoom into the realm of cybersecurity, the number dwindles even further to a startling 20 to 24 percent. What are the underlying reasons behind this disparity?</p> <p class="date-and-duration"> <span class="publish-date">October 2, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-operation-kudo"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-224-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-operation-kudo" class="post-name"><span class="underline">Malicious Life Podcast: Operation Kudo</span></a> <p>In 1981, during the G7 Summit in Quebec, French president Francois Mitterrand handed President Reagan a top secret collection of documents, called the Farewell Dossier. 
The information found in the dossier allowed the US to devise a cunning plan - the very first supply chain attack, if you will - to bring a fiery end to one of the largest industrial espionage campaigns in history.</p> <p class="date-and-duration"> <span class="publish-date">September 20, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-delivers-100-scores-in-2023-mitre-attck-evaluations-for-enterprise"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/cr-mitre-23-lp-featured-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereason-delivers-100-scores-in-2023-mitre-attck-evaluations-for-enterprise" class="post-name"><span class="underline">Cybereason Sets the New Industry Standard in 2023 MITRE ATT&CK Evaluations: Enterprise</span></a> <p>Fresh off the press: the results of the 2023 MITRE Engenuity ATT&CK® Evaluations for Enterprise have been published and Cybereason set a new benchmark with perfect scores in nearly every aspect of the evaluations.</p> <p class="date-and-duration"> <span class="publish-date">September 20, 2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/the-cybersecurity-capability-the-industry-nearly-forgot"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/Cybersecurity-Capability-Industry-Nearly-Forgot.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/the-cybersecurity-capability-the-industry-nearly-forgot" class="post-name"><span class="underline">The Cybersecurity Capability the Industry Nearly Forgot</span></a> <p>How do we 
secure the Private Infrastructure Protection (PIP) space? By providing virtualized containers, allowing customers to re-use their own hardware and making it easier to add in new capabilities as the cyber security world evolves.</p> <p class="date-and-duration"> <span class="publish-date">September 13, 2023 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-can-we-stop-the-ai-cyber-threat"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ML-Ep-223-Card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-can-we-stop-the-ai-cyber-threat" class="post-name"><span class="underline">Malicious Life Podcast: Can We Stop the AI Cyber Threat?</span></a> <p>Much of the cybersecurity software in use today utilizes AI, especially things like spam filters and network traffic monitors. But will all those tools be enough to stop the proliferation of malware that will come from generative AI-driven cyber attacks? 
The potential of AI to disrupt cyberspace is far greater than any solutions we’ve come up with thus far, which is why some researchers are looking beyond the traditional answers, towards more aggressive measures.</p> <p class="date-and-duration"> <span class="publish-date">September 4, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-is-generative-ai-dangerous"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/generative-ai-dangerous-ep-222.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-is-generative-ai-dangerous" class="post-name"><span class="underline">Malicious Life Podcast: Is Generative AI Dangerous?</span></a> <p>Every so often, the entire landscape of cybersecurity shifts, all at once: The latest seismic shift in the field occurred just last year. So in this episode of Malicious Life we’re going to take a look into the future of cybersecurity: at how generative AI like ChatGPT will change cyberspace, through the eyes of five research teams breaking ground in the field. We’ll start off simple, and gradually build to increasingly more complex, more futuristic examples of how this technology might well turn against us, forcing us to solve problems we’d never considered before. 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">August 22, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-assemble-lockbit-3"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/lockbit-3-blog-card.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-assemble-lockbit-3" class="post-name"><span class="underline">THREAT ANALYSIS: Assemble LockBit 3.0</span></a> <p>LockBit 2.0 ransomware attackers are constantly evolving and making detection, investigation, and prevention more complex by disabling EDR and other security products and deleting the evidence to stifle forensics attempts...</p> <p class="date-and-duration"> <span class="publish-date">August 21, 2023 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/extend-cloud-detection-and-response-with-sysdig-and-cybereason"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/cloud-detection-sysdig-featured-image.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/extend-cloud-detection-and-response-with-sysdig-and-cybereason" class="post-name"><span class="underline">Extend Cloud Detection and Response with Sysdig and Cybereason</span></a> <p>This integration is a significant development in the Cybereason & Sysdig partnership. By combining our strengths, we aim to create a solution that will help customers better protect their complete cloud risk. 
</p> <p class="date-and-duration"> <span class="publish-date">August 9, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-why-arent-there-more-bug-bounty-programs"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/bug-bounty-programs-ep-221.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-why-arent-there-more-bug-bounty-programs" class="post-name"><span class="underline">Malicious Life Podcast: Why aren't there more bug bounty programs?</span></a> <p>On the face of it, there's an obvious economic incentive for both vendors and security researchers to collaborate on disclosing vulnerabilities safely and privately. Yet bug bounty programs have gained prominence only in the past decade or so, and even today only a relatively small portion of vendors have such programs in place. Why is that? – check it out...</p> <p class="date-and-duration"> <span class="publish-date">August 8, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-voynich-manuscript"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/voynich-ep-220.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-voynich-manuscript" class="post-name"><span class="underline">Malicious Life Podcast: The Voynich Manuscript</span></a> <p>The constant battle between those who wish to encrypt data and those who wish to break these ciphers has made modern encryption schemes extremely powerful. 
Subsequently, the tools and methods to break them became equivalently sophisticated. Yet, could it be that someone in the 15th century created a cipher that even today’s most brilliant codebreakers and most sophisticated and advanced tools - cannot break?...</p> <p class="date-and-duration"> <span class="publish-date">July 25, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-roman-seleznev-did-the-punishment-fit-the-crime"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/roman-seleznev-ep-219.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-roman-seleznev-did-the-punishment-fit-the-crime" class="post-name"><span class="underline">Malicious Life Podcast: Roman Seleznev: Did the Punishment Fit the Crime?</span></a> <p>In 2019, Roman Seleznev, a 34-year-old Russian national, was sentenced to 27 years in prison: A sentence that’d make any criminal quiver. Seleznev's deeds had a horrendous effect on the 2.9 million individuals whose credit cards he stole and sold to cyber criminals for identity theft and financial crimes. On one hand, it’s hard to imagine any nonviolent computer crime worth 27 years in prison. But then what is an appropriate sentence for such a man as Seleznev? 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">July 10, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereasons-new-unified-malop-dashboard"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/soc-dash-23-ram-featured-image.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereasons-new-unified-malop-dashboard" class="post-name"><span class="underline">Cybereason's New Unified MalOp Dashboard</span></a> <p>To help SOC teams stay ahead of the curve, Cybereason introduced a unified dashboard designed to provide additional insights into emerging threats, operational metrics and provide insights to continuously improve SOC processes and procedures.</p> <p class="date-and-duration"> <span class="publish-date">July 7, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-sony-bmgs-rootkit-fiasco"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/sony-bmg-rootkit-ep-218.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-sony-bmgs-rootkit-fiasco" class="post-name"><span class="underline">Malicious Life Podcast: Sony BMG's Rootkit Fiasco</span></a> <p>"We made a mistake and Sony paid a terrible price.” A terrible price indeed: an arrogant and ill-advised decision to include a rootkit in its music CDs cost Sony BMG a lot of money - and painted it as a self-centered, self-serving company that cares more about its bottom line than its customers. Why did Sony BMG make such a poor decision? 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">June 27, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/xdr-in-2023-cybersecuritys-knight-or-another-castle-in-the-cloud"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/xdr-castle-sky-blog.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/xdr-in-2023-cybersecuritys-knight-or-another-castle-in-the-cloud" class="post-name"><span class="underline">XDR in 2023: Cybersecurity’s Knight or Another Castle in the Cloud?</span></a> <p>Can XDR bring value to your security team? In this post, we delve into three crucial questions that can help determine if XDR can be a shining knight on your cyber battlefield.</p> <p class="date-and-duration"> <span class="publish-date">June 21, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-ad-fraud-part-2"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ad-fraud-pt2-ep-217.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-ad-fraud-part-2" class="post-name"><span class="underline">Malicious Life Podcast: Ad Fraud, Part 2</span></a> <p>"What makes ad fraud so successful, and so prevalent, and why can’t we stop it? The answer isn’t technical at all. It’s not hard to understand. But it’s a harsh reality that many people are simply not willing to face. 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">June 9, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-ad-fraud-part-1"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/ad-fraud-pt1-ep-217.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-ad-fraud-part-1" class="post-name"><span class="underline">Malicious Life Podcast: Ad Fraud, Part 1</span></a> <p>Right now, a man named Aleksandr Zhukov is sitting in jail for one of the most financially ruinous schemes ever invented for the internet. Zhukov is guilty. He was caught and convicted under a mountain of evidence against him. Except the deeper you look into it, the deeper the well goes. In this episode, we’ll learn how Aleksandr Zhukov defrauded some of the biggest American corporations for millions of dollars. And we’ll ask the question that hardly anyone else is willing to acknowledge: Was this clever, successful, guilty cybercriminal merely a fall guy for everybody else playing his twisted game? 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">May 30, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-economics-of-cybersecurity"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/economics-of-cybersecurity-ep-215.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-economics-of-cybersecurity" class="post-name"><span class="underline">Malicious Life Podcast: The Economics Of Cybersecurity</span></a> <p>The numbers can’t be any clearer: a DDoS attack costs less than a hundred dollars, while the price tag for mitigating it might reach tens if not hundreds of thousands of dollars. A single well crafted phishing email can easily circumvent cyber defenses which cost millions of dollars to set up. How can we change the extreme cost asymmetry between attackers and defenders in cyberspace? 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">May 15, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/xdr-foundations-eliminating-fragmented-cybersecurity-data"><img src="https://www.cybereason.com/hubfs/cybereason-xdr-data-management.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/xdr-foundations-eliminating-fragmented-cybersecurity-data" class="post-name"><span class="underline">XDR Foundations: Eliminating Fragmented Cybersecurity Data</span></a> <p>Cybereason XDR eliminates data fragmentation by ingesting all relevant security data from all security controls into a single data platform.</p> <p class="date-and-duration"> <span class="publish-date">May 3, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-reason-you-dont-have-data-privacy"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/reason-you-dont-have-data-privacy-ep-214.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-reason-you-dont-have-data-privacy" class="post-name"><span class="underline">Malicious Life Podcast: The Reason You Don’t Have Data Privacy</span></a> <p>We’ve all experienced the creepiness of modern data trafficking, but that kind of daily annoyance is the surface of a much bigger issue: Big Tech companies such as Amazon & Microsoft are lobbying policymakers to veto laws that harm their business, and often hide their lobbying behind industry coalitions or organizations with names that are vague and seemingly harmless. 
Will current and future privacy laws actually protect your information, or will they protect the companies collecting your information? – check it out...</p> <p class="date-and-duration"> <span class="publish-date">May 1, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/xdr-foundations-leveraging-ai-where-it-matters-most"><img src="https://www.cybereason.com/hubfs/cybereason-xdr-ai.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/xdr-foundations-leveraging-ai-where-it-matters-most" class="post-name"><span class="underline">XDR Foundations: Leveraging AI Where it Matters Most</span></a> <p>Cybereason has a long history of leveraging AI and Machine Learning models to classify malicious operations (MalOp™) and malware with a high level of accuracy. </p> <p class="date-and-duration"> <span class="publish-date">May 1, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-announces-unified-threat-hunting-and-investigation"><img src="https://www.cybereason.com/hubfs/cybereason-unified-threat-hunting-and-investigation-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereason-announces-unified-threat-hunting-and-investigation" class="post-name"><span class="underline">Cybereason Announces Unified Threat Hunting and Investigation</span></a> <p>Cybereason announces Unified Threat Hunting and Investigation, a significant development in its approach to storing long-term hunting data.</p> <p class="date-and-duration"> <span class="publish-date">April 26, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> 
</div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/all-things-cybereason-at-2023-rsa-conference"><img src="https://www.cybereason.com/hubfs/cybereason-rsa-conference-2023.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/all-things-cybereason-at-2023-rsa-conference" class="post-name"><span class="underline">All Things Cybereason at 2023 RSA Conference</span></a> <p>Don’t miss the immersive Cybereason digital experience and live demos at booth N-5457 in the North Expo Hall. </p> <p class="date-and-duration"> <span class="publish-date">April 18, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-how-entire-countries-can-lose-the-internet"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/how-countries-can-lose-the-internet-ep-213.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-how-entire-countries-can-lose-the-internet" class="post-name"><span class="underline">Malicious Life Podcast: How Entire Countries Can Lose the Internet</span></a> <p>Disruptions to the world’s internet cables happen more often than you think: Whether it be ship anchors or animals or saboteurs, cut a few wires in the right places and at nearly the speed of light you can disrupt or shut off the internet for broad populations of people at a time. It is an immense power that runs through these lines -- a power that can be sabotaged or, in the right hands, weaponized. 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">April 17, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-olympic-destroyer"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/olympic-destroyer-ep-212.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-olympic-destroyer" class="post-name"><span class="underline">Malicious Life Podcast: Olympic Destroyer</span></a> <p>In the midst of 35,000 exhilarated spectators eagerly chanting the time-honored countdown to kick off the 2018 Pyeongchang Winter Olympics, a sinister malware crept through the games' network, threatening to disrupt the highly-anticipated event. The obvious question in everyone’s minds was - who was responsible for the attack? Who was vile enough to launch such a potentially destructive attack against an event which, more than anything, symbolizes peace and global cooperation? 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">April 3, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-detects-and-prevents-3cxdesktopapp-supply-chain-attack"><img src="https://www.cybereason.com/hubfs/3CXDesktopApp.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereason-detects-and-prevents-3cxdesktopapp-supply-chain-attack" class="post-name"><span class="underline">Cybereason Detects and Prevents 3CXDesktopApp Supply Chain Attack</span></a> <p>Cybereason detects and prevents the ongoing 3CXDesktopApp supply chain attack.</p> <p class="date-and-duration"> <span class="publish-date">March 31, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-lawerence-berkeley-hack-part-2"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/lawrence-berkele-hack-pt2-ep-211.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-lawerence-berkeley-hack-part-2" class="post-name"><span class="underline">Malicious Life Podcast: The Lawerence Berkeley Hack, Part 2</span></a> <p>On May 23rd, 1989, Karl Koch - a 23-year-old West German hacker who worked for the KGB - took a drive, from which he would never return: Nine days later his charred remains were found by the police in a remote forest. Was Koch assassinated by the US or the Soviet Union, or is there another, more 'mystical' explanation for his death? 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">March 20, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/5-steps-to-more-effective-ransomware-response"><img src="https://www.cybereason.com/hubfs/5%20steps%20to%20more%20effective%20ransomware%20response.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/5-steps-to-more-effective-ransomware-response" class="post-name"><span class="underline">5 Steps to More Effective Ransomware Response</span></a> <p>Investing in technology can give companies a false sense of security when it comes to ransomware. Here are 5 steps to more effective ransomware response.</p> <p class="date-and-duration"> <span class="publish-date">March 15, 2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/how-ransomware-is-driving-soc-modernization-requirements"><img src="https://www.cybereason.com/hubfs/How%20Ransomware%20is%20Driving%20SOC%20Modernization%20Requirements.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/how-ransomware-is-driving-soc-modernization-requirements" class="post-name"><span class="underline">New Study: Ransomware Driving SOC Modernization Requirements</span></a> <p>Ransomware directly impacts the investment decisions organizations make to modernize their Security Operations Centers, according to a Cybereason study.</p> <p class="date-and-duration"> <span class="publish-date">March 14, 2023 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile 
blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/why-cybereason-is-a-2022-gartner-magic-quadrant-leader"><img src="https://www.cybereason.com/hubfs/Cybereason-private-infrastructure-protection-gartner-magic-quadrant.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/why-cybereason-is-a-2022-gartner-magic-quadrant-leader" class="post-name"><span class="underline">Visibility, Response, and Private Infrastructure Protection: Why Cybereason is a 2022 Gartner® Magic Quadrant™ Leader</span></a> <p>Where other vendors fail to support on-premises deployments, Cybereason is globally minded, and we address the need for secure Private Infrastructure.</p> <p class="date-and-duration"> <span class="publish-date">March 9, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-lawerence-berkeley-hack-part-1"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/lawrence-berkele-hack-pt1-ep-210.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-lawerence-berkeley-hack-part-1" class="post-name"><span class="underline">Malicious Life Podcast: The Lawerence Berkeley Hack, Part 1</span></a> <p>Four decades ago, three quarters would’ve gone a lot further than they do today. With that kind of loose change you could’ve picked up some milk from the grocery store, or over half a gallon of gas, or a bus ticket. But that doesn’t explain why, on one fateful day in 1986, a systems administrator at the Lawrence Berkeley National Laboratory in California made such an issue over 75 missing cents. 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">March 8, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/u.s.-national-cybersecurity-strategy-at-an-inflection-point"><img src="https://www.cybereason.com/hubfs/Biden-cybersecurity-strategy.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/u.s.-national-cybersecurity-strategy-at-an-inflection-point" class="post-name"><span class="underline">U.S. National Cybersecurity: Strategy at an Inflection Point</span></a> <p>We are at an inflection point in U.S. National Cybersecurity strategy. The strategy’s high-level objectives are laudable, but largely unachievable. </p> <p class="date-and-duration"> <span class="publish-date">March 8, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/variant-payload-prevention-fuzzy-similarity"><img src="https://www.cybereason.com/hubfs/variant-payload-prevention.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/variant-payload-prevention-fuzzy-similarity" class="post-name"><span class="underline">Variant Payload Prevention: Applying Data Science to Stop the Stealthiest Threats</span></a> <p>Cybereason’s Variant Payload Prevention employs a new proprietary algorithm for fuzzy similarity called Binary Similarity Analysis (BSA).</p> <p class="date-and-duration"> <span class="publish-date">March 3, 2023 /</span> <span class="read-time"> 6 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" 
href="https://www.cybereason.com/blog/malicious-life-podcast-russian-propaganda-explained-b-side"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/russian-fake-news-explained-mlbside-ep-209.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-russian-propaganda-explained-b-side" class="post-name"><span class="underline">Malicious Life Podcast: Russian Propaganda, Explained [ML B-Side]</span></a> <p>In this B-Side episode, our Senior Producer Nate Nelson interviewed Dr. Bilyana Lilly - CISSP, a leader in cybersecurity and information warfare with over fifteen years of managerial, technical, and research experience, and author of "Russian Information Warfare" - about the Russian use of instant messaging and social media platforms such as Telegram and Twitter in their war efforts. Dr. Lilly discusses who they are targeting and the real-world impact their propaganda has on various populations. – check it out...</p> <p class="date-and-duration"> <span class="publish-date">February 28, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-named-a-leader-in-2022-gartner-magic-quadrant-for-endpoint-protection-platforms"><img src="https://www.cybereason.com/hubfs/IMG_8481.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereason-named-a-leader-in-2022-gartner-magic-quadrant-for-endpoint-protection-platforms" class="post-name"><span class="underline">Cybereason Named a Leader in 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms</span></a> <p>Cybereason is excited and honored to be positioned as a “Leader” in the recently released 2022 Gartner Magic Quadrant for Endpoint Protection Platforms.</p> <p class="date-and-duration"> <span 
class="publish-date">February 28, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/new-studies-paint-bleak-picture-of-future-soc-effectiveness"><img src="https://www.cybereason.com/hubfs/Future%20SOC%20Effectiveness.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/new-studies-paint-bleak-picture-of-future-soc-effectiveness" class="post-name"><span class="underline">New Studies Paint Bleak Picture of Future SOC Effectiveness</span></a> <p>The increasing stress of leading and working in a Security Operations Center (SOC) will lead to a wave of resignations in the next two years.</p> <p class="date-and-duration"> <span class="publish-date">February 23, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-operation-ivy-bells"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/operation-ivy-bells-ep-208.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-operation-ivy-bells" class="post-name"><span class="underline">Malicious Life Podcast: Operation Ivy Bells</span></a> <p>In the early 1970's, US intelligence pointed to the possibility that the Russians had laid an underwater communication cable between two important naval bases in the Far East. The dangerous mission of installing a listening device on that cable was given to the navy's most secretive and unusual submarine. 
– check it out...</p> <p class="date-and-duration"> <span class="publish-date">February 20, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-gootloader-seo-poisoning-and-large-payloads-leading-to-compromise"><img src="https://www.cybereason.com/hubfs/Threat-Alert-GootLoader-SEO-Poisoning.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-gootloader-seo-poisoning-and-large-payloads-leading-to-compromise" class="post-name"><span class="underline">THREAT ALERT: GootLoader - SEO Poisoning and Large Payloads Leading to Compromise</span></a> <p>In December 2022, the Cybereason Incident Response (IR) team investigated an incident which involved new deployment methods of GootLoader.</p> <p class="date-and-duration"> <span class="publish-date">February 14, 2023 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/ransomware-shifting-to-the-cloud"><img src="https://www.cybereason.com/hubfs/Ransomware-shifting-to-cloud.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ransomware-shifting-to-the-cloud" class="post-name"><span class="underline">Ransomware Shifting to the Cloud</span></a> <p>We are already seeing ransomware that scans for cloud-based collaboration points. 
And while you may think the risks are the same, that's not the case.</p> <p class="date-and-duration"> <span class="publish-date">February 14, 2023 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-why-do-nfts-disappear-bside"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/nfts-disappear-mlbside-ep-207.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-why-do-nfts-disappear-bside" class="post-name"><span class="underline">Malicious Life Podcast: Why Do NFTs Disappear? [ML BSide]</span></a> <p>What happens when an NFT marketplace goes under, and disappears? You would imagine that the users’ NFTs are perfectly safe: after all, the blockchain itself is still there, right? But that’s not how things work in the real world. 
</p> <p class="date-and-duration"> <span class="publish-date">February 13, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-advances-prevention-data-collection-investigation-and-management-capabilities"><img src="https://www.cybereason.com/hubfs/Cybereason%20advances%20prevention%20data%20collection.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereason-advances-prevention-data-collection-investigation-and-management-capabilities" class="post-name"><span class="underline">Cybereason advances prevention, data collection, investigation, and management capabilities</span></a> <p>New Cybereason features and capabilities include improvements to prevention, data collection, investigation, and management capabilities.</p> <p class="date-and-duration"> <span class="publish-date">February 6, 2023 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-the-other-problem-with-nfts"><img src="https://www.cybereason.com/hubfs/dam/images/images-web/featured-images/other-problem-with-nfts-ep-206.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-the-other-problem-with-nfts" class="post-name"><span class="underline">Malicious Life Podcast: The (Other) Problem with NFTs</span></a> <p>Financial markets make good targets for criminals - after all, that's where the big money is. 
Surprisingly, many of these criminals are not your run-of-the-mill black hat hacker, but brokers registered with the SEC: genuine finance industry professionals – check it out...</p> <p class="date-and-duration"> <span class="publish-date">February 6, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/you-should-be-afraid-of-sim-swaps"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%285%29-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/you-should-be-afraid-of-sim-swaps" class="post-name"><span class="underline">You Should Be Afraid of SIM Swaps</span></a> <p>If SIM swap stories ever make the news, almost uniformly, they focus on people who lost a lot of money. But SIM swaps also take a psychological toll...</p> <p class="date-and-duration"> <span class="publish-date">January 31, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/fbi-vs.-revil-ml-bside"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%284%29-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/fbi-vs.-revil-ml-bside" class="post-name"><span class="underline">FBI vs. 
REvil [ML BSide]</span></a> <p>Nate Nelson speaks with Rich Murray, who leads the FBI’s North Texas Cyber unit, about how the Federal Bureau of Investigation dealt with another attack by REvil</p> <p class="date-and-duration"> <span class="publish-date">January 24, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cyberbunker-part-2"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%283%29-2.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cyberbunker-part-2" class="post-name"><span class="underline">Cyberbunker, Part 2</span></a> <p>Spamhaus's decision to add Cyberbunker to its list of Spam sources led the Stophaus coalition to initiate a DDoS attack later dubbed “The attack that almost broke the Internet.”</p> <p class="date-and-duration"> <span class="publish-date">January 20, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/7-requirements-for-a-successful-xdr-strategy"><img src="https://www.cybereason.com/hubfs/7-requirements-for-xdr.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/7-requirements-for-a-successful-xdr-strategy" class="post-name"><span class="underline">7 Requirements for a Successful XDR Strategy</span></a> <p>If you’re a security practitioner wondering where to start your XDR journey, here’s a look at the fundamental building blocks of a successful XDR strategy.</p> <p class="date-and-duration"> <span class="publish-date">January 19, 2023 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet 
is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/sliver-c2-leveraged-by-many-threat-actors"><img src="https://www.cybereason.com/hubfs/Sliver%20C2-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/sliver-c2-leveraged-by-many-threat-actors" class="post-name"><span class="underline">Sliver C2 Leveraged by Many Threat Actors</span></a> <p>Threat Research: Sliver C2 is gaining more and more traction among Threat Actors, and is often seen as an alternative to Cobalt Strike.</p> <p class="date-and-duration"> <span class="publish-date">January 19, 2023 /</span> <span class="read-time"> 20 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/rsa-conference-2023-promises-new-concepts-diversity-of-ideas"><img src="https://www.cybereason.com/hubfs/RSA%20Conference.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/rsa-conference-2023-promises-new-concepts-diversity-of-ideas" class="post-name"><span class="underline">RSA Conference 2023 Promises New Concepts, Diversity of Ideas</span></a> <p>This year's submissions to the RSA Conference have broadened the diversity of ideas and introduced new concepts.</p> <p class="date-and-duration"> <span class="publish-date">January 17, 2023 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cyberbunker-part-1"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%282%29-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cyberbunker-part-1" class="post-name"><span class="underline">Cyberbunker, Part 1</span></a> <p>Sven Kamphuis and 
Herman Johan Xennt are quite dissimilar... and in 1996, their unlikely partnership coalesced around a mutual deep hatred towards authority... </p> <p class="date-and-duration"> <span class="publish-date">January 11, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-from-icedid-to-domain-compromise"><img src="https://www.cybereason.com/hubfs/blog-post-text-Jan-06-2023-11-40-30-7591-PM.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-from-icedid-to-domain-compromise" class="post-name"><span class="underline">THREAT ANALYSIS: From IcedID to Domain Compromise</span></a> <p>Recently, IcedID, also known as BokBot, has been used more as a dropper for other malware families and as a tool for initial access brokers.</p> <p class="date-and-duration"> <span class="publish-date">January 10, 2023 /</span> <span class="read-time"> 9 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/mitre-attck-and-the-art-of-building-better-defenses"><img src="https://www.cybereason.com/hubfs/blog-post-text-Jan-09-2023-06-47-00-9221-PM.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/mitre-attck-and-the-art-of-building-better-defenses" class="post-name"><span class="underline">MITRE ATT&CK and the Art of Building Better Defenses</span></a> <p>Cybereason has developed a comprehensive guide to MITRE ATT&CK to help your organization drive more consistent and effective defenses against attacks.</p> <p class="date-and-duration"> <span class="publish-date">January 9, 2023 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column 
is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/how-netflix-learned-cloud-security-ml-b-side"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%281%29-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/how-netflix-learned-cloud-security-ml-b-side" class="post-name"><span class="underline">How Netflix Learned Cloud Security [ML B-Side]</span></a> <p>2011 was a pivotal year for Netflix: the now hugely successful company was then in the midst of a formidable transformation, changing from a mail-based DVD rental service to the modern streaming service that it is today</p> <p class="date-and-duration"> <span class="publish-date">January 3, 2023 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-fred-cohen-the-godfather-of-computer-viruses-ml-b-side"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-fred-cohen-the-godfather-of-computer-viruses-ml-b-side" class="post-name"><span class="underline">Malicious Life Podcast: Fred Cohen, The Godfather of Computer Viruses [ML B-Side]</span></a> <p>Dr. 
Fred Cohen not only introduced the name ‘computer virus’, a term invented by his mentor, Leonard Adleman, but was also the first to analyze computer viruses in a rigorous mathematical way...</p> <p class="date-and-duration"> <span class="publish-date">December 19, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/royal-ransomware-analysis"><img src="https://www.cybereason.com/hubfs/Royal%20Ransomware-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/royal-ransomware-analysis" class="post-name"><span class="underline">Royal Rumble: Analysis of Royal Ransomware</span></a> <p>Royal ransomware has become one of the most prolific ransomware groups in 2022. Read our threat analysis to learn how Royal ransomware operations work, how they evade anti-ransomware defenses, and how you can outsmart them. 
</p> <p class="date-and-duration"> <span class="publish-date">December 14, 2022 /</span> <span class="read-time"> 7 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/how-cybereason-mdr-improved-olists-triage-response-time"><img src="https://www.cybereason.com/hubfs/olist-cybereason-mdr.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/how-cybereason-mdr-improved-olists-triage-response-time" class="post-name"><span class="underline">Case Study: How Cybereason MDR Improved Olist’s Triage & Response Time</span></a> <p>With Cybereason Managed Detection and Response (MDR), the Olist security team shortened their triage and remediation times to less than 30 minutes.</p> <p class="date-and-duration"> <span class="publish-date">December 13, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-thamar-reservoir"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode-thamar-reservoir.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-thamar-reservoir" class="post-name"><span class="underline">Malicious Life Podcast: Thamar Reservoir</span></a> <p>How does it feel to live for years with a virtual target mark on your back?… Malicious Life discusses the story of Thamar Gindin.</p> <p class="date-and-duration"> <span class="publish-date">December 13, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" 
href="https://www.cybereason.com/blog/ransomware-which-industries-are-most-likely-to-pay"><img src="https://www.cybereason.com/hubfs/Ransomware%20Which%20Industries%20Are%20Most%20Likely%20to%20Pay-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ransomware-which-industries-are-most-likely-to-pay" class="post-name"><span class="underline">Ransomware: Which Industries Are Most Likely to Pay</span></a> <p>Paying a ransom is the worst possible strategy for addressing ransomware attacks. </p> <p class="date-and-duration"> <span class="publish-date">December 12, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/the-problem-with-kernel-mode-anti-cheat-software-ml-b-side"><img src="https://www.cybereason.com/hubfs/the%20problem%20with%20kernel%20mode%20anti%20cheat%20software-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/the-problem-with-kernel-mode-anti-cheat-software-ml-b-side" class="post-name"><span class="underline">The Problem With Kernel-Mode Anti-Cheat Software [ML B-Side]</span></a> <p>Nobody likes cheaters, especially in video games. That's why EA and other publishers are implementing kernel-mode anti-cheat software in their games. Yet some people warn that installing such kernel-level systems is extremely dangerous. In this episode of Malicious Life, we examine why. 
</p> <p class="date-and-duration"> <span class="publish-date">December 8, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/ransomware-what-healthcare-cisos-can-do-differently"><img src="https://www.cybereason.com/hubfs/What%20Healthcare%20CISOs%20Can%20Do%20Differently%20Ransomware-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ransomware-what-healthcare-cisos-can-do-differently" class="post-name"><span class="underline">What Healthcare CISOs Can Do Differently to Fight Ransomware</span></a> <p>Current approaches to fighting ransomware in healthcare don't seem to be working. We've got a prescription for what healthcare CISOs can do differently. </p> <p class="date-and-duration"> <span class="publish-date">December 7, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-msi-masquerading-as-software-installer"><img src="https://www.cybereason.com/hubfs/MSI%20Masquerading%20as%20a%20Malicious%20Software%20Installer%20blog.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-msi-masquerading-as-software-installer" class="post-name"><span class="underline">Threat Analysis: MSI - Masquerading as a Software Installer</span></a> <p>Learn how threat actors are embedding malicious binaries and scripts in legitimate Microsoft Windows Installation (.msi) files to take over machines they're targeting with elevated privileges. Find out how to detect this sophisticated attack technique. 
</p> <p class="date-and-duration"> <span class="publish-date">December 5, 2022 /</span> <span class="read-time"> 16 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/fbi-cisa-warning-on-cuba-ransomware"><img src="https://www.cybereason.com/hubfs/FBI-CISA-Cuba-Ransomware.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/fbi-cisa-warning-on-cuba-ransomware" class="post-name"><span class="underline">FBI, CISA Issue Warning on Cuba Ransomware</span></a> <p>The FBI and CISA issued a joint advisory on Cuba ransomware actors. The advisory is the latest in the government’s #StopRansomware campaign.</p> <p class="date-and-duration"> <span class="publish-date">December 2, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/nine-cybersecurity-predictions-for-2023"><img src="https://www.cybereason.com/hubfs/2023%20Cybersecurity%20Predictions.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/nine-cybersecurity-predictions-for-2023" class="post-name"><span class="underline">Nine Cybersecurity Predictions for 2023</span></a> <p>Cybereason VP and EMEA Field CISO Greg Day anticipates 2023 will bring more cloud credential attacks, increased use of deepfakes in blended attacks, attacks between smart devices, and more. 
</p> <p class="date-and-duration"> <span class="publish-date">December 1, 2022 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-how-to-not-build-a-cybersecurity-startup"><img src="https://www.cybereason.com/hubfs/How%20to%20Not%20Build%20a%20Cybersecurity%20Startup-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-how-to-not-build-a-cybersecurity-startup" class="post-name"><span class="underline">Malicious Life Podcast: How to NOT Build a Cybersecurity Startup</span></a> <p>When it was founded in 2011, Norse Corp. had everything going for it, but the startup blew up in smoke less than six years later. Malicious Life explores what went so horribly wrong. </p> <p class="date-and-duration"> <span class="publish-date">November 29, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-jailbreaking-tractors"><img src="https://www.cybereason.com/hubfs/Jailbreaking%20Tractors-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-jailbreaking-tractors" class="post-name"><span class="underline">Malicious Life Podcast: Jailbreaking Tractors</span></a> <p>An Australian white hat hacker demonstrated how easily hackers can take over farming equipment and the risks this creates for global food supplies. 
</p> <p class="date-and-duration"> <span class="publish-date">November 28, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/the-russian-business-network"><img src="https://www.cybereason.com/hubfs/The%20Russian%20Business%20Network.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/the-russian-business-network" class="post-name"><span class="underline">The Russian Business Network</span></a> <p>Find out how the Russian Business Network, a once legitimate ISP, became the largest player in the Russian cybercrime world and a key component of Putin's attacks on democracy and misinformation campaigns in this episode of the Malicious Life podcast. </p> <p class="date-and-duration"> <span class="publish-date">November 25, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/what-can-chess-grandmasters-teach-us-about-cyber"><img src="https://www.cybereason.com/hubfs/What%20Can%20Chess%20Grandmasters%20Teach%20Us.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/what-can-chess-grandmasters-teach-us-about-cyber" class="post-name"><span class="underline">What Can Chess Grandmasters Teach Us About Cyber</span></a> <p>Find out what cybersecurity professionals can learn from MMA wrestlers and Chess Grand Champions about peak performance in this episode of Malicious Life, featuring Chris Cochran and Ron Eddings, the co-founders of Hacker Valley Media.</p> <p class="date-and-duration"> <span class="publish-date">November 24, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet 
is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-aggressive-qakbot-campaign-and-the-black-basta-ransomware-group-targeting-u.s.-companies"><img src="https://www.cybereason.com/hubfs/Black%20Basta%20Threat%20Alert.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-aggressive-qakbot-campaign-and-the-black-basta-ransomware-group-targeting-u.s.-companies" class="post-name"><span class="underline">THREAT ALERT: Aggressive Qakbot Campaign and the Black Basta Ransomware Group Targeting U.S. Companies</span></a> <p>This threat alert describes an aggressive new attack campaign operated by the Black Basta ransomware group. The fast-moving campaign is targeting U.S. companies, and in many cases, is causing serious damage to their IT infrastructures. </p> <p class="date-and-duration"> <span class="publish-date">November 23, 2022 /</span> <span class="read-time"> 11 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-what-would-happen-if-cbs-got-hacked"><img src="https://www.cybereason.com/hubfs/What%20Would%20Happen%20if%20CBS%20Got%20Hacked.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-what-would-happen-if-cbs-got-hacked" class="post-name"><span class="underline">Malicious Life Podcast: What Would Happen If CBS Got Hacked?</span></a> <p>Information security executives explain how media companies can be hacked and why we, as consumers, should care in this Malicious Life BSide podcast. 
</p> <p class="date-and-duration"> <span class="publish-date">November 22, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-labmd-vs.-ftc"><img src="https://www.cybereason.com/hubfs/Malicious%20Life%20Podcast%20LabMD%20vs%20FTC.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-labmd-vs.-ftc" class="post-name"><span class="underline">Malicious Life Podcast: LabMD vs. The FTC</span></a> <p>One day in 2008, Michael Daugherty got a call from cybersecurity company Tiversa, saying private medical data of some 9000 LabMD patients had been discovered online. When Michael refused to pay for Tiversa's hefty "consultation fee", a ten-year legal battle began that led to the demise of LabMD, but also cost the FTC dearly.</p> <p class="date-and-duration"> <span class="publish-date">November 18, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/holiday-weekend-ransomware-attacks-continue-to-hit-companies-hard"><img src="https://www.cybereason.com/hubfs/2022%20Holiday%20Ransomware%20Study.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/holiday-weekend-ransomware-attacks-continue-to-hit-companies-hard" class="post-name"><span class="underline">Holiday, Weekend Ransomware Attacks Continue to Hit Companies Hard</span></a> <p>Traditional Monday through Friday staffing models are out of step with cyber threats and leave companies vulnerable on weekends and holidays, according to the results of a recent survey from Cybereason.</p> <p class="date-and-duration"> <span class="publish-date">November 16, 2022 
/</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/ngav-redefined-9-layers-of-unparalleled-attack-protection"><img src="https://www.cybereason.com/hubfs/NGAV-redefined-blog-post-text.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ngav-redefined-9-layers-of-unparalleled-attack-protection" class="post-name"><span class="underline">NGAV Redefined: 9 Layers of Unparalleled Attack Protection</span></a> <p>Cybereason NGAV combines 9 independent yet complementary prevention layers ensuring that your business achieves its goals and bad actors don’t.</p> <p class="date-and-duration"> <span class="publish-date">November 14, 2022 /</span> <span class="read-time"> 15 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/machine-timeline-enhancements-improve-investigation-workflows"><img src="https://www.cybereason.com/hubfs/machine-timeline-enhancements.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/machine-timeline-enhancements-improve-investigation-workflows" class="post-name"><span class="underline">Machine Timeline Enhancements Improve Investigation Workflows</span></a> <p>Cybereason has released a series of enhancements in the Machine Timeline feature (formerly known as Process Timeline) to improve investigation workflows.</p> <p class="date-and-duration"> <span class="publish-date">November 1, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" 
href="https://www.cybereason.com/blog/threat-analysis-report-dll-side-loading-widely-abused"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-19T104122.517.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-report-dll-side-loading-widely-abused" class="post-name"><span class="underline">THREAT ANALYSIS REPORT: DLL Side-Loading Widely (Ab)Used</span></a> <p>This Threat Analysis Report explores widely used DLL Side-Loading attack techniques, outlines how threat actors leverage these techniques, describes how to reproduce an attack, and reports on how defenders can detect and prevent these attacks...</p> <p class="date-and-duration"> <span class="publish-date">October 26, 2022 /</span> <span class="read-time"> 13 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/operationalize-mitre-attack-new-tidal-cyber-wave"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-18T085321.975.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/operationalize-mitre-attack-new-tidal-cyber-wave" class="post-name"><span class="underline">Operationalizing MITRE ATT&CK: A New Wave is Here</span></a> <p>The Tidal Platform makes it efficient to research adversary techniques using MITRE ATT&CK, and now Cybereason has joined the Tidal Product Registry to deliver a visual view of our out-of-the-box detection capabilities...</p> <p class="date-and-duration"> <span class="publish-date">October 19, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-stock-markets-part-2"><img 
src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2832%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-stock-markets-part-2" class="post-name"><span class="underline">Malicious Life Podcast: Hacking Stock Markets Part 2</span></a> <p>Financial markets make good targets for criminals - after all, that's where the big money is. Surprisingly, many of these criminals are not your run-of-the-mill black hat hacker, but brokers registered with the SEC: genuine finance industry professionals – check it out...</p> <p class="date-and-duration"> <span class="publish-date">October 18, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/telcos-the-supply-chain-attack-youre-not-ready-for"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-18T085148.693.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/telcos-the-supply-chain-attack-youre-not-ready-for" class="post-name"><span class="underline">Telcos: The Supply Chain Attack You're Not Ready For</span></a> <p>The potential impact from cyberattacks can be very far reaching–not just for the compromised Telcos, but also for their vast customer base whose data is also at risk...</p> <p class="date-and-duration"> <span class="publish-date">October 18, 2022 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/indicators-of-behavior-and-the-diminishing-value-of-iocs"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-12T072834.369-1.png"></a> <div class="text-rec_post-bundle"> <a 
href="https://www.cybereason.com/blog/indicators-of-behavior-and-the-diminishing-value-of-iocs" class="post-name"><span class="underline">Indicators of Behavior and the Diminishing Value of IOCs</span></a> <p>IOBs describe the subtle chains of malicious activity derived from correlating enriched telemetry from across all network assets - but unlike backward-looking IOCs, IOBs offer a proactive means to leverage real-time telemetry to identify attack activity earlier, and they offer more longevity value than IOCs...</p> <p class="date-and-duration"> <span class="publish-date">October 12, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/why-ngav-displaced-traditional-antivirus-tools"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-11T064615.861.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/why-ngav-displaced-traditional-antivirus-tools" class="post-name"><span class="underline">Why NGAV Displaced Traditional Antivirus Tools</span></a> <p>NGAV can work to prevent the early stages of a ransomware attack that precede the delivery of the ransomware payload, and offers further protection by also assuring that payload is not detonated on the target machine in the case where the first stages of the attack were not detected...</p> <p class="date-and-duration"> <span class="publish-date">October 11, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-vishing-voice-scams"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2831%29.png"></a> <div class="text-rec_post-bundle"> <a 
href="https://www.cybereason.com/blog/malicious-life-podcast-vishing-voice-scams" class="post-name"><span class="underline">Malicious Life Podcast: Vishing Voice Scams</span></a> <p>Rachel Tobac is a hacker and CEO of SocialProof Security, where she helps people and companies keep their data safe by training and pentesting them on social engineering threats like Vishing and the many psychological tricks attackers employ to hack people – check it out...</p> <p class="date-and-duration"> <span class="publish-date">October 11, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybersecurity-accountability-regulation-your-opinion-matters-"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-06T071527.904.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybersecurity-accountability-regulation-your-opinion-matters-" class="post-name"><span class="underline">Cybersecurity Accountability Regulation? Your Opinion Matters…</span></a> <p>CISOs and CSOs are already on the hook and are the first ones to take the fall for breaches regardless of whether they fought for additional investments in people, processes, and technology. 
But what about accountability for the C-Suite and BOD?</p> <p class="date-and-duration"> <span class="publish-date">October 6, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/10-ways-to-make-your-security-operations-more-efficient"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-06T065715.064.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/10-ways-to-make-your-security-operations-more-efficient" class="post-name"><span class="underline">Ten Ways to Make Your Security Operations More Efficient</span></a> <p>Here are Cybereason's 10 Ways to Make Your Security Operations More Efficient and Effective...</p> <p class="date-and-duration"> <span class="publish-date">October 6, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/container-escape-all-you-need-is-cap-capabilities"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-05T072637.791.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/container-escape-all-you-need-is-cap-capabilities" class="post-name"><span class="underline">Container Escape: All You Need is Cap (Capabilities)</span></a> <p>Container Escape is considered the 'Holy Grail' of the container attack world - it allows an attacker to escape from a container to the underlying host, and by doing so the attacker can move laterally to other containers from the host or perform actions on the host itself...</p> <p class="date-and-duration"> <span class="publish-date">October 5, 2022 /</span> <span class="read-time"> 9 minute read </span> </p> </div> </div> 
<div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/leveraging-indicators-of-behavior-for-early-detection"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-05T071704.749.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/leveraging-indicators-of-behavior-for-early-detection" class="post-name"><span class="underline">Leveraging Indicators of Behavior for Early Detection</span></a> <p>The key to early detection of advanced operations such as the SolarWinds attacks is in leveraging Indicators of Behavior (IOBs) to level-up to a more efficient and effective Operation-Centric approach to detecting the whole of an attack as opposed to responding to individual, uncorrelated alerts...</p> <p class="date-and-duration"> <span class="publish-date">October 5, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/blue-teaming-on-macos-with-eslogger"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-03T112617.289.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/blue-teaming-on-macos-with-eslogger" class="post-name"><span class="underline">Blue Teaming on macOS with eslogger</span></a> <p>In this edition of the Blue Team Chronicles, we assess the capabilities of eslogger, a new built-in macOS tool, and show how defenders can use this tool to better understand malicious activities on macOS and build new detection approaches...</p> <p class="date-and-duration"> <span class="publish-date">October 4, 2022 /</span> <span class="read-time"> 8 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile 
blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-stock-markets-part-1"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2830%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-stock-markets-part-1" class="post-name"><span class="underline">Malicious Life Podcast: Hacking Stock Markets Part 1</span></a> <p>Some stock traders are willing to go to great lengths to get information before anyone else, even hacking into trading technologies to gain an unfair advantage and make a fortune along the way–check it out...</p> <p class="date-and-duration"> <span class="publish-date">October 4, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-proxynotshell-two-critical-vulnerabilities-affecting-ms-exchange"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-03T113003.246.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-proxynotshell-two-critical-vulnerabilities-affecting-ms-exchange" class="post-name"><span class="underline">THREAT ALERT: ProxyNotShell - Two Critical Vulnerabilities Affecting MS Exchange</span></a> <p>The Cybereason GSOC Managed Detection and Response (MDR) Team is investigating incidents that involve exploitation of the critical Microsoft Exchange vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed ProxyNotShell after finding them being exploited in the wild...</p> <p class="date-and-duration"> <span class="publish-date">October 3, 2022 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a 
class="featured-image" href="https://www.cybereason.com/blog/a-guide-to-more-efficient-effective-soc-teams"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-03T125306.964.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/a-guide-to-more-efficient-effective-soc-teams" class="post-name"><span class="underline">A Guide to More Efficient and Effective SOC Teams</span></a> <p>Cybereason has released a new white paper, Eliminate Alert Fatigue: A Guide to More Efficient and Effective SOC Teams...</p> <p class="date-and-duration"> <span class="publish-date">October 3, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-wins-big-at-the-17th-annual-peoples-choice-podcast-awards"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-10-03T082054.921.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-wins-big-at-the-17th-annual-peoples-choice-podcast-awards" class="post-name"><span class="underline">Malicious Life Wins Big at the 17th Annual People's Choice Podcast Awards</span></a> <p>The Malicious Life Podcast Team is excited to announce that we won the This Week in Tech Technology Category honor at the 17th Annual People's Choice Podcast Awards...</p> <p class="date-and-duration"> <span class="publish-date">October 3, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/webinar-october-18th-2022-the-true-cost-of-ransomware-evaluating-risk-and-how-to-avoid-attacks"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-29T100914.455.png"></a> 
<div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/webinar-october-18th-2022-the-true-cost-of-ransomware-evaluating-risk-and-how-to-avoid-attacks" class="post-name"><span class="underline">Webinar October 18th 2022: The True Cost of Ransomware - Evaluating Risk and How to Avoid Attacks</span></a> <p>In this webinar, Cybereason CSO Sam Curry is joined by Cody Queen to dig into the data from the Ransomware: The True Cost to Business 2022 report and how to quantify the true cost to business of ransomware attacks and what cybersecurity leaders can do to mitigate against them...</p> <p class="date-and-duration"> <span class="publish-date">September 30, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cloud-authentication-a-guide-to-choosing-the-right-solution"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-28T090319.905.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cloud-authentication-a-guide-to-choosing-the-right-solution" class="post-name"><span class="underline">Cloud Authentication: A Guide to Choosing the Right Solution</span></a> <p>Authentication is one of the main elements of a cloud application, as it provides the ability to control access to your application. Need to pick an authentication solution and don't know where to start? 
This write-up will guide you in choosing an authentication solution that will suit your needs...</p> <p class="date-and-duration"> <span class="publish-date">September 29, 2022 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/webinar-october-13th-2022-ten-considerations-for-more-efficient-security"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-29T075130.403.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/webinar-october-13th-2022-ten-considerations-for-more-efficient-security" class="post-name"><span class="underline">Webinar October 13th 2022: Ten Considerations for More Efficient Security</span></a> <p>Join us on October 13th to hear from-the-field tips on how to create world-class efficiencies, including ways to find efficiencies within your tech stack, tips on how to recruit and manage a successful team, practical tips any team can take to reduce event burden, how the Cybereason Defense Platform can create a 10x boost in efficiencies and more...</p> <p class="date-and-duration"> <span class="publish-date">September 29, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-what-its-like-to-fight-lulzsec"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2829%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-what-its-like-to-fight-lulzsec" class="post-name"><span class="underline">Malicious Life Podcast: What It’s Like to Fight LulzSec</span></a> <p>As their name implies, LulzSec was known for trolling their victims, and 
while their childish behavior might have fooled some people into thinking that LulzSec was harmless, the story you’re about to hear will show they were anything but – check it out...</p> <p class="date-and-duration"> <span class="publish-date">September 28, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/white-paper-operation-centric-security-leveraging-indicators-of-behavior-for-early-detection"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-26T130918.199.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/white-paper-operation-centric-security-leveraging-indicators-of-behavior-for-early-detection" class="post-name"><span class="underline">White Paper: Operation-Centric Security - Leveraging Indicators of Behavior for Early Detection</span></a> <p>This paper details the Operation-Centric approach and how it can foster earlier detections based on Indicators of Behavior that empowers security operations to dynamically adapt and predictively respond more swiftly than attackers can modify their tactics to circumvent defenses...</p> <p class="date-and-duration"> <span class="publish-date">September 27, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/defending-against-supply-chain-and-ransomware-attacks"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-26T130836.455.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/defending-against-supply-chain-and-ransomware-attacks" class="post-name"><span class="underline">Defending Against Supply Chain and Ransomware Attacks</span></a> 
<p>Attacks on organizations that originate from third-party partners and service providers are expected to rise in the coming years as attackers look for weak links in software supply chains in an effort to “attack one to attack all..."</p> <p class="date-and-duration"> <span class="publish-date">September 27, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereason-announces-private-infrastructure-protection-version-21.2"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-26T131959.309.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereason-announces-private-infrastructure-protection-version-21.2" class="post-name"><span class="underline">Cybereason Announces Private Infrastructure Protection Version 21.2</span></a> <p>The release of Cybereason Private Infrastructure Protection v. 21.2 includes security hardening improvements, new features and improvements to existing features...</p> <p class="date-and-duration"> <span class="publish-date">September 26, 2022 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/next-generation-antivirus-prevention-redefined"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-21T130804.218.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/next-generation-antivirus-prevention-redefined" class="post-name"><span class="underline">Next Generation Antivirus Prevention Redefined</span></a> <p>Traditional antivirus tools from legacy vendors spot the easy stuff but struggle to prevent novel threats from causing damage. 
That is why Cybereason is announcing its latest prevention technologies to detect and block all threats from commodity malware to the never before seen...</p> <p class="date-and-duration"> <span class="publish-date">September 22, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/how-xdr-reduces-the-total-cost-of-security-operations"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-20T113510.582.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/how-xdr-reduces-the-total-cost-of-security-operations" class="post-name"><span class="underline">How XDR Reduces the Total Cost of Security Operations</span></a> <p>AI-driven XDR solution unifies telemetry analysis to optimize efficacy, improves operational efficiency at scale, and eliminates detection blind spots by generating deeply contextual correlations from endpoints, identity management, workspaces, application suites, the cloud and more...</p> <p class="date-and-duration"> <span class="publish-date">September 21, 2022 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/webinar-october-26th-2022-ngav-redefined"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-20T113218.959.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/webinar-october-26th-2022-ngav-redefined" class="post-name"><span class="underline">Webinar October 26th 2022: NGAV Redefined</span></a> <p>In this webinar we will hear from Cybereason CTO and co-founder Yonatan Striem-Amit about how threats are changing; Tim Amey, Field CTO about how Cybereason prevention 
layers stop malware in its tracks; and Cody Queen, Product Marketing Manager share the latest prevention tools developed by Cybereason to stop the most novel attack techniques...</p> <p class="date-and-duration"> <span class="publish-date">September 21, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cyber-defenders-council-is-it-time-for-cybersecurity-regulation"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-15T085736.357.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cyber-defenders-council-is-it-time-for-cybersecurity-regulation" class="post-name"><span class="underline">Cyber Defenders Council: Is it Time for Cybersecurity Regulation?</span></a> <p>The report showcases best practices that Council members have used to align business executives around a common understanding of cyber risk and also explores a potentially controversial solution to the business-cybersecurity alignment gap: cybersecurity accountability regulation...</p> <p class="date-and-duration"> <span class="publish-date">September 20, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/preparing-your-organization-for-a-ransomware-attack"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-19T122257.609.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/preparing-your-organization-for-a-ransomware-attack" class="post-name"><span class="underline">Preparing Your Organization for a Ransomware Attack</span></a> <p>You cannot defend against RansomOps in traditional ways because it’s not a 
traditional threat, and a focus on detecting the ransomware executable alone is risky because that is the tail-end of a longer attack sequence, where the adversary already has unfettered access to your network...</p> <p class="date-and-duration"> <span class="publish-date">September 20, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/workforce-challenges-are-here-to-stay-time-to-think-about-mdr"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-20T072538.395.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/workforce-challenges-are-here-to-stay-time-to-think-about-mdr" class="post-name"><span class="underline">Workforce Challenges are Here to Stay: Time to Think about MDR</span></a> <p>The worst of the COVID-19 pandemic may be behind us, but its impact on the global cybersecurity workforce will force many enterprises to consider Managed Detection and Response (MDR) services...</p> <p class="date-and-duration"> <span class="publish-date">September 20, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-king-kimble-kim-dotcom"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2828%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-king-kimble-kim-dotcom" class="post-name"><span class="underline">Malicious Life Podcast: King Kimble - Kim DotCom</span></a> <p>The US government says that Kim Schmitz, better known as Kim DotCom, is the leader of a file sharing crime ring. 
He sees himself as an internet freedom fighter: a fugitive on the run from vindictive overly-powerful governments. Can King Kimble escape the wrath of the USA? Check it out...</p> <p class="date-and-duration"> <span class="publish-date">September 19, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/ransomware-head-to-head-dont-follow-the-crwd"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-14T134316.545.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ransomware-head-to-head-dont-follow-the-crwd" class="post-name"><span class="underline">Ransomware Head to Head: Don't Follow the CRWD</span></a> <p>When ransomware threatens to shut down your business, the most critical measure of success is the ability to detect malicious activity in real time...</p> <p class="date-and-duration"> <span class="publish-date">September 15, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-report-abusing-notepad-plugins-for-evasion-and-persistence"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-14T103718.231.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-report-abusing-notepad-plugins-for-evasion-and-persistence" class="post-name"><span class="underline">THREAT ANALYSIS REPORT: Abusing Notepad++ Plugins for Evasion and Persistence</span></a> <p>Cybereason GSOC team analysts have analyzed a specific technique that abuses Notepad++ plugins to evade security mechanisms, achieve persistence and deploy backdoors on targeted machines...</p> <p
class="date-and-duration"> <span class="publish-date">September 14, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/ai/ml-as-a-security-team-force-multiplier"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-13T112612.527.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ai/ml-as-a-security-team-force-multiplier" class="post-name"><span class="underline">AI/ML as a Security Team Force Multiplier</span></a> <p>AI/ML is critical to automatically analyzing telemetry and correlating it at a rate of millions of events per second. Instead of manually querying data, analysts can spend more time acting on the insights produced by an AI/ML solution across disparate assets on the network...</p> <p class="date-and-duration"> <span class="publish-date">September 14, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/reimagining-the-soc-a-lesson-from-the-military-on-9/11"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-13T114247.790-1.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/reimagining-the-soc-a-lesson-from-the-military-on-9/11" class="post-name"><span class="underline">Reimagining the SOC: A Lesson From the Military on 9/11</span></a> <p>To sustain the fight against a decentralized global enemy in cyberspace, the modern SOC must engage in a change management experiment to become more agile.</p> <p class="date-and-duration"> <span class="publish-date">September 14, 2022 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column 
is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/leveraging-xdr-for-cloud-workload-protection-cwpp"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-13T072315.427.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/leveraging-xdr-for-cloud-workload-protection-cwpp" class="post-name"><span class="underline">Leveraging XDR for Cloud Workload Protection</span></a> <p>An XDR solution for Cloud Workloads is ideal for hybrid, multi-cloud and containers to secure all of an organization's cloud-based assets, including microservices-oriented and serverless architectures...</p> <p class="date-and-duration"> <span class="publish-date">September 14, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-multi-factor-authentication"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2827%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-multi-factor-authentication" class="post-name"><span class="underline">Malicious Life Podcast: Hacking Multi-Factor Authentication</span></a> <p>Multi-Factor Authentication (MFA) is usually considered a better solution for authentication – but Roger Grimes, a veteran security professional and a Data-Driven Defense Evangelist claims that the sense of security current MFA solutions provide us is false - check it out...</p> <p class="date-and-duration"> <span class="publish-date">September 13, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" 
href="https://www.cybereason.com/blog/threat-analysis-report-plugx-rat-loader-evolution"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-07T090944.782.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-report-plugx-rat-loader-evolution" class="post-name"><span class="underline">THREAT ANALYSIS REPORT: PlugX RAT Loader Evolution</span></a> <p>PlugX is a post-exploitation modular RAT (Remote Access Trojan), which is known for its multiple functionalities such as data exfiltration, keystroke grabbing, backdoor functionality, and utilizing DLL-Sideloading techniques for evading security solutions...</p> <p class="date-and-duration"> <span class="publish-date">September 8, 2022 /</span> <span class="read-time"> 10 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/the-cybereason-approach-to-sensor-tamper-protection"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-07T083517.794.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/the-cybereason-approach-to-sensor-tamper-protection" class="post-name"><span class="underline">The Cybereason Approach to Sensor Tamper Protection</span></a> <p>Cybereason leverages two distinct paths to protect deployed sensors in a customer environment: Self Protection and Intelligent/Proactive Protection...</p> <p class="date-and-duration"> <span class="publish-date">September 7, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/how-xdr-solves-key-challenges-facing-security-teams"><img 
src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-07T073659.457.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/how-xdr-solves-key-challenges-facing-security-teams" class="post-name"><span class="underline">How XDR Solves Key Challenges Facing Security Teams</span></a> <p>With an AI-driven XDR solution, finding one component and being able to quickly ascertain relevant chains of potentially malicious behavior allows Defenders to see the entire operation from the root cause across every impacted user, device, and application...</p> <p class="date-and-duration"> <span class="publish-date">September 7, 2022 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-language-models"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2826%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-hacking-language-models" class="post-name"><span class="underline">Malicious Life Podcast: Hacking Language Models</span></a> <p>Language models are everywhere today, and most interestingly they are available via several experiential projects trying to emulate natural conversations such as OpenAI’s GPT-3 and Google’s LaMDA. Can these models be hacked to gain access to the sensitive information they learned from their training data? 
Check it out...</p> <p class="date-and-duration"> <span class="publish-date">September 6, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/ransomops-vs.-extended-detection-and-response"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-09-06T070615.090.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/ransomops-vs.-extended-detection-and-response" class="post-name"><span class="underline">RansomOps vs. Extended Detection and Response</span></a> <p>RansomOps describes the entire multi-stage ransomware operation with an ensemble of players who contribute to these highly targeted attacks from initial ingress to lateral movement in the network to delivery of the final encryption payload...</p> <p class="date-and-duration"> <span class="publish-date">September 6, 2022 /</span> <span class="read-time"> 6 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/attack-on-montenegro-further-evidence-of-nation-state-and-cybercriminal-crossover"><img src="https://www.cybereason.com/hubfs/blog-post-text%20%28127%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/attack-on-montenegro-further-evidence-of-nation-state-and-cybercriminal-crossover" class="post-name"><span class="underline">Attack on Montenegro Further Evidence of Nation-State and Cybercriminal Crossover</span></a> <p>Given the reckless attacks on Montenegro, all nations should be on high alert regardless of how close they are geographically or politically to the Ukrainian-Russian conflict. 
Why else would reports surface that the FBI rushed a team of cybersecurity experts to Montenegro if there wasn't a clear indication of Russian involvement? </p> <p class="date-and-duration"> <span class="publish-date">September 1, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-report-ragnar-locker-ransomware-targeting-the-energy-sector"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-08-30T093119.758.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-report-ragnar-locker-ransomware-targeting-the-energy-sector" class="post-name"><span class="underline">THREAT ANALYSIS REPORT: Ragnar Locker Ransomware Targeting the Energy Sector</span></a> <p>Ragnar Locker is a ransomware family with security evasion capabilities which is targeting the energy sector and recently claimed to have breached DESFA, a Greek pipeline company...</p> <p class="date-and-duration"> <span class="publish-date">September 1, 2022 /</span> <span class="read-time"> 8 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-software-bill-of-materials-sbom"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2825%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-software-bill-of-materials-sbom" class="post-name"><span class="underline">Malicious Life Podcast: Software Bill of Materials (SBOM)</span></a> <p>In May 2021, following the SolarWinds and the Colonial Pipeline attacks, the Biden administration published a presidential Executive Order mandating the use of SBOMs - 
Software Bill of Materials - in all government agencies. What are SBOMs and how useful are they in cybersecurity? Nate Nelson talks to two experts: Allan Friedman (CISA) and Chris Blask (Cybeats) - check it out...</p> <p class="date-and-duration"> <span class="publish-date">August 31, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/the-importance-of-actionable-threat-intelligence"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-08-30T082701.462.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/the-importance-of-actionable-threat-intelligence" class="post-name"><span class="underline">The Importance of Actionable Threat Intelligence</span></a> <p>The challenge with threat hunting is the fidelity of the detections. How does a threat analyst have trust in the tools they use–and of course, if they don’t trust them, then how long does it take them to verify manually?</p> <p class="date-and-duration"> <span class="publish-date">August 31, 2022 /</span> <span class="read-time"> 6 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/webinar-thursday-september-8th-2022-ransomware-impact-on-incident-response-strategies"><img src="https://www.cybereason.com/hubfs/blog-post-text%20%28126%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/webinar-thursday-september-8th-2022-ransomware-impact-on-incident-response-strategies" class="post-name"><span class="underline">Webinar Thursday September 8th 2022: Ransomware Impact on Incident Response Strategies</span></a> <p>Over the last five years ransomware operations evolved both in capabilities and the degree 
of organizational structure behind them. In this webinar, we’ll cover the changes, what they mean and how cybersecurity strategies need to adapt to match this changing threat. But most importantly, have we learned from our past mistakes?</p> <p class="date-and-duration"> <span class="publish-date">August 30, 2022 /</span> <span class="read-time"> 1 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/hackers-vs.-attackers-its-not-always-black-and-white"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-08-30T070701.315.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/hackers-vs.-attackers-its-not-always-black-and-white" class="post-name"><span class="underline">Hackers vs. Attackers: It’s Not Always Black and White</span></a> <p>Fire – good or bad? What about the internet? Taxes? Technology? If your answer is, “it depends,” you’re right, of course.
And it’s the same for those with keen hacking skills - it all depends on how they are used...</p> <p class="date-and-duration"> <span class="publish-date">August 30, 2022 /</span> <span class="read-time"> 4 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/cybereasons-malop-severity-score-extended-response"><img src="https://www.cybereason.com/hubfs/cybereason%20MDR%20fast%20efficient%20effective.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/cybereasons-malop-severity-score-extended-response" class="post-name"><span class="underline">Cybereason MDR: Fast, Efficient, Effective</span></a> <p>The MalOp Severity Score and Extended Response enable threat detection in less than 1 minute, triage in less than 5 minutes, and remediation in less than 30 minutes...</p> <p class="date-and-duration"> <span class="publish-date">August 25, 2022 /</span> <span class="read-time"> 3 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-havanacrypt-ransomware-masquerading-as-google-update"><img src="https://www.cybereason.com/hubfs/blog-post-text%20%28125%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-havanacrypt-ransomware-masquerading-as-google-update" class="post-name"><span class="underline">THREAT ALERT: HavanaCrypt Ransomware Masquerading as Google Update</span></a> <p>First observed in June 2022 in the wild, HavanaCrypt Ransomware masquerades as a legitimate Google Chrome update with sophisticated anti-analysis techniques and other functionality that may be used for data exfiltration and privilege escalation...</p> <p class="date-and-duration"> <span
class="publish-date">August 22, 2022 /</span> <span class="read-time"> 5 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/malicious-life-podcast-leo-kuvayev-the-czar-of-spammers"><img src="https://www.cybereason.com/hubfs/Malicious-Life-episode%20%2824%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/malicious-life-podcast-leo-kuvayev-the-czar-of-spammers" class="post-name"><span class="underline">Malicious Life Podcast: Leo Kuvayev– The Czar of Spammers</span></a> <p>A ruthless person for whom the end truly justifies the means, Leo Kuvayev was very successful as a cybercriminal. But even a genius criminal can go just one step too far - check it out...</p> <p class="date-and-duration"> <span class="publish-date">August 22, 2022 /</span> <span class="read-time"> </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-alert-inside-the-redeemer-2.0-ransomware"><img src="https://www.cybereason.com/hubfs/blog-post-text%20%28124%29.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-alert-inside-the-redeemer-2.0-ransomware" class="post-name"><span class="underline">THREAT ALERT: Inside the Redeemer 2.0 Ransomware</span></a> <p>A new and improved Redeemer 2.0 ransomware version was released on an underground forum and is described by the developers as a “C++ no dependency ransomware with no privacy intrusions” targeting the Windows OS with support for Windows 11 systems...</p> <p class="date-and-duration"> <span class="publish-date">August 19, 2022 /</span> <span class="read-time"> 2 minute read </span> </p> </div> </div> <div class="column is-4-fullhd is-6-desktop is-half-tablet is-full-mobile 
blog-listing__single-post"> <a class="featured-image" href="https://www.cybereason.com/blog/threat-analysis-report-bumblebee-loader-the-high-road-to-enterprise-domain-control"><img src="https://www.cybereason.com/hubfs/blog-post-text%20-%202022-08-15T115923.524.png"></a> <div class="text-rec_post-bundle"> <a href="https://www.cybereason.com/blog/threat-analysis-report-bumblebee-loader-the-high-road-to-enterprise-domain-control" class="post-name"><span class="underline">THREAT ANALYSIS REPORT: Bumblebee Loader – The High Road to Enterprise Domain Control</span></a> <p>Cybereason GSOC observed distribution of the Bumblebee Loader and post-exploitation activities including privilege escalation, reconnaissance and credential theft. Bumblebee operators use the Cobalt Strike framework throughout the attack and abuse credentials for privilege escalation to access Active Directory, as well as abusing a domain administrator account to move laterally, create local user accounts and exfiltrate data...</p> <p class="date-and-duration"> <span class="publish-date">August 17, 2022 /</span> <span class="read-time"> 10 minute read </span> </p> </div> </div> </div> </section> </div> </div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> </div><!--end body --> </div><!--end body wrapper --> </body></html>