If you want to learn more about working with operational technology (OT) and internet-connected devices, then don’t miss today’s episode with Francis Cianfrocca, CEO of Insight Cyber Group. He discusses…
Posts Written By ThreatRavens
Incident Response for Health Care IT: Differences and Drivers
Threat actors continue to target the health care industry. IBM’s Threat Intelligence Index for 2022 rates the industry as the sixth most targeted. That puts it close behind the energy…
OpenTIP, command line edition
We released Python-based command line tools for our OpenTIP service that also implement a client class that you can reuse in your own tools.
Security Automation Can Save You $3.05M in a Data Breach
When it comes to reducing security breach costs, companies with security artificial intelligence (AI) and automation can save millions, per a new report. According to the most recent IBM Cost…
VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges
In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns (PowerPepper was later documented in 2020). Notably, we exposed why we believe the threat actor may fit a group of mercenaries, offering hack-for-hire services, or acting as an information broker to support competitive and
How to manage cybersecurity projects with limited resources | Cyber Work Live
A Cyber Work Live viewer asked how they can better manage cybersecurity projects that have limited time and resources. Ginny Morton of Deloitte and Jackie Olshack of Dell shared their…
Cybersecurity project management: How important are first impressions? | Cyber Work Live
Cybersecurity project managers need to make a good first impression with their teams to effectively build relationships and complete the project on time. Ginny Morton of Deloitte and Jackie Olshack…
Controlling the Source: Abusing Source Code Management Systems
For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022.…
Andariel deploys DTrack and Maui ransomware
Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.
9 Factors to Consider Before Choosing a UEM Solution
The more of your employees who work remotely some or all of the time, the more devices they’re likely to use to conduct business. Employees use their own devices as…