Two federal indictments against APT41, a Chinese state-sponsored hacking group, haven't slowed down its operations, the U.S. government acknowledges in a warning telling the healthcare sector to be vigilant about the threat actor. The hackers are believed to be at large, likely in China.
The latest edition of the ISMG Security Report discusses financial giant Morgan Stanley's failure to invest in proper hard drive destruction oversight, the future of ransomware and the gangs that have attacked organizations in recent years, and the methods required to secure new payments systems.
CrowdStrike has purchased external attack surface management startup Reposify to help organizations detect and eliminate risk from vulnerable and unknown assets. This deal will allow CrowdStrike to combine its insights on endpoints and IT environments with Reposify's internet-scanning capabilities.
APT29 and other threat actors have used several methodologies to move laterally from on-premises networks to the cloud, specifically Microsoft 365. This report will help organizations understand these techniques used by APT29, how to proactively harden their environments, and how to remediate environments where...
Mandiant assesses with high confidence that APT42 is an Iranian state-sponsored cyber espionage group tasked with conducting information collection and surveillance operations against individuals and
organizations of strategic interest to the Iranian government. It’s anticipated that APT42 will continue to conduct...
The Defender’s Advantage Cyber Snapshot offers insights into cyber defense topics of growing importance based on Mandiant frontline observations and real-world experiences. To no surprise, 25.81% of the data repositories and data leak issues observed were on exposed version control repositories.
Mandiant offers five use-case based subscriptions providing organizations with up-to-the-minute updated threat intelligence to perform their security tasks faster and with more accuracy.
Download this report and learn more about:
Mandiant’s 5 Cyber subscriptions including Mandiant’s free Advantage Threat...
This DNS threat report can help you discover the most recent real-life threats you could be at risk for and how DNS-layer security helps you stop threats before a connection is even made.
Download this report to learn more about;
Ways to enhance your security posture
The lifecycle of malicious cyber-attack...
Beleaguered vendor IronNet will execute another round of layoffs, axing nearly 90 employees and removing co-CEO William Welch and CFO James Gerber from their posts. IronNet revealed plans to reduce its 250-person staff by approximately 35% less than three months after laying off 55 people.
The traditional security monitoring architecture has been troubling security teams with data silos, performance issues, and delays in retrieving archived data for years. Many analysts who continue to operate with the antiquated SIEM architecture stack also experience a high volume of alerts—with many false...
Mandiant began its new life as part of Google on Monday after the search and public cloud behemoth closed a $5.4 billion acquisition. The megadeal will allow Google to join the back-end data analytics from its Chronicle SIEM platform with Mandiant's ability to identify signals of abnormal behavior.
Thoma Bravo halted efforts to buy publicly traded cybersecurity AI vendor Darktrace this week after the two sides failed to agree on the terms of the buyout. The private equity giant walked away from what would have been its third take-private cybersecurity acquisition of 2022.
Whether for profit or in furtherance of Russian geopolitical interests - or both - former members of the Conti ransomware group have been targeting networks operated by the Ukrainian government and businesses, as well as European nonprofit organizations, Google's Threat Analysis Group reports.
An Iranian state-sponsored group in operation since 2015 relies on highly targeted social engineering to try and attack individuals and organizations that Tehran deems enemies of the regime, says a new report from cyberthreat intelligence firm Mandiant.
Last year, Rowland Johnson took on the role of president of CREST, the international not-for-profit membership body representing the global cybersecurity industry. Over the past 12 months, he says, he's taken time to "pause and reflect" and "define a new vision and mission" for CREST.