Cl0p Ransomware Gang Tries to Topple the House of Cards
When I wrote the introduction for our recent report Organizations at Risk: Ransomware Attackers Don’t Take Holidays, I described current factors and trends with the potential to disrupt the upcoming holiday season. ... Read More
Dear Defenders,
The changing of the leaves and the brisk fall mornings around Boston are a sign that 2021 is nearing its end. It’s a time that I like to reflect on the year gone by and think about the potential for the new year. ... Read More
Ransomware Whack-a-Mole
Pretty much everyone is familiar with the carnival game Whack-a-Mole. No matter how many moles you bash with the mallet, it seems like two more pop up in its place. It’s commonly used to describe cybersecurity and the ransomware news this week illustrates why Whack-a-Mole is an appropriate metaphor ... Read More
The CISA Directive Is Crucial for Cybersecurity
As the CEO of a cybersecurity company, it’s important to stay informed--to know about breaking news, emerging threats, and rising trends to provide direction for the company and protection for our customers. One story that stood out to me last week was the news that CISA issued a new directive ... Read More
NOBELIUM Demonstrates Why Microsoft Is the Weakest Link
Microsoft platforms and products are ubiquitous. Government agencies and companies of all sizes and industries around the world rely on Microsoft software to get things done. They are also riddled with security weaknesses and vulnerabilities, which makes them a common--almost universal--vector for attacks. Microsoft is an Achilles heel that can ... Read More
Microsoft OneDrive Used for Ransom Operations
Microsoft was called out recently after it was discovered that hundreds of malware files commonly used to launch Conti ransomware attacks are being hosted from their OneDrive cloud storage service. The news highlights once again that Microsoft needs to invest significant time and resources just to get its own security ... Read More
Ransomware: The Global Cybersecurity Pandemic
I am sitting in Paris this week at the Les Asis conference, but my mind is also on Biden’s ransomware summit as ransomware took center stage again this week. No, not because of a major ransomware attack shutting down critical infrastructure or grinding production to a halt. In fact, the ... Read More
Protecting the US Government from Cyber Attacks
The US government--along with private organizations regardless of size or industry--has been a prime target this year for cyber attacks and cyber espionage. As a dominant economic, political, and military force in the world, US federal agencies are under constant siege from both cybercriminals and nation-state adversaries. This week, we ... Read More
If You Prevent Ransomware You Don’t Need to Recover from It
I started Cybereason to help defenders protect their networks and data against attacks—to use what I know about how cybercriminals think and how adversaries work to give defenders an advantage against all threats. Right now, one of the most pervasive threats is ransomware, and I am proud to say that ... Read More
1,460-Day Old Known Vulnerability Catches Microsoft Off Guard
Vulnerabilities are a fact of life. I started my career in cybersecurity finding and exploiting those vulnerabilities to conduct nation-state offensive operations. I understand the simple reality that there is no such thing as perfect code, and that even the most secure application can be compromised given enough time. But ... Read More
