Microsoft’s Failure to Prioritize Security Puts Everyone at Risk
JJ Cranford | | Anti-Ransomware, antivirus, Cybereason Anti-Ransomware Solution, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, enterprise security, EPP, Exploits, Extended Detection and Response, Hafnium, Microsoft, microsoft defender, Microsoft Exchange, Microsoft Hypertext Markup Language, Network Security, Next Generation Antivirus, ngav, ProxyLogon, ProxyShell, SolarWinds Attacks, Unified Endpoint Security, Vulnerabilities, vulnerability
It has been a very busy year when it comes to Microsoft zero-day attacks. According to KrebsOnSecurity, May is the only month in 2021 that Microsoft didn’t release a patch to defend against at least one zero-day exploit. And Microsoft vulnerabilities are playing a bigger role in the spate of ...
Three Pillars of Infosec: Confidentiality, Integrity and Availability
JJ Cranford | | Anti-Ransomware, CIA Triad, Confidentiality, Integrity and Availability, Cybereason Anti-Ransomware Solution, Cybersecurity, DeadRinger, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, Infosec, Microsoft Exchange, MITRE ATT&CK Framework, Next Generation Antivirus, Operation-Centric Security, Privacy, Ransomware, security, Unified Endpoint Security, zero trust
Resurgent data breaches that can be tied back to a failure to adhere to basic infosec principles have been an unpleasant surprise in a world of modern security frameworks and maturing processes, but they serve as a useful reminder to us all that there is immense value in mastering the ...
Unpacking the Gartner Critical Capabilities Research
JJ Cranford | | Cybersecurity, EDR, endpoint detection and response, Endpoint Protection Platform, Gartner Critical Capabilities, Gartner EPP MQ, Infosec, MITRE ATT&CK Framework, security, Unified Endpoint Security
The importance of third-party research and testing cannot be overstated in the current security marketscape. Important details for consideration when evaluating a solution to onboard for detection and response can be obscure and difficult to clearly understand. Vendors will always position themselves in as positive of a light as possible, ...
MITRE ATT&CK: Cybereason Dominates the Competition
JJ Cranford | | Advanced persistent threat, APT, Carbanak, EDR, endpoint detection and response, Endpoint Protection Platform, EPP, FIN7, MITRE ATT&CK Framework, prevention, testing
The long-awaited 2020 MITRE ATT&CK evaluations are out! With the MITRE ATT&CK framework now being the standard by which Defenders can measure the effectiveness of various solutions in tracking adversary behavior, cyber vendors are cherry-picking results from this latest testing round and spinning up clever interpretations of the data in ...
Rise of Double-Extortion Shines Spotlight on Ransomware Prevention
JJ Cranford | | Cybersecurity, EDR, endpoint detection and response, Endpoint Protection Platform, Extended Detection and Response, Infosec, Malware, Next Generation Antivirus, Ransomware, secops, security, Threat Intelligence, XDR
Double extortion is a tactic employed by some ransomware gangs. It begins when a crypto-malware strain steals information stored on a victim’s machine before launching its encryption routine ...
Ransomware Defense: Three Implementations Every Security Team Needs
Few will be shocked to hear that ransomware attacks are continuing to accelerate at a torrid pace - but the more concerning trend is the effectiveness of ransomware at creating chaos and paralyzing business operations ...