US CERT Alert AA24-242A (RansomHub Ransomware)
RansomHub is a ransomware-as-a-service variant—formerly known as Cyclops and Knight—that has established itself as an efficient and successful service model. The post US CERT Alert AA24-242A (RansomHub Ransomware) appeared first on SafeBreach ...
Voices from Validate: The Role of Breach & Attack Simulation in Cybersecurity Testing
Hear the AVP of Threat Management & Response at Humana discuss what BAS is, what it isn’t, and how to get the best return on your security investments. The post Voices from ...
SafeBreach Coverage for AA24-241A (Ransomware Attacks by Iranian Threat Group – Fox Kitten)
The Iranian threat group Fox Kitten has been consistently targeting U.S. and international organizations between 2017 and 2024. The post SafeBreach Coverage for AA24-241A (Ransomware Attacks by Iranian Threat Group – Fox ...
Windows Downdate Attacks, Quick Share Vulnerability Exploit, and More: Hacker’s Playbook Threat Coverage Round-up: August 2024
New and updated coverage for Windows Downdate Attacks, Quick Share Vulnerability Exploit, MagicRAT, and More The post Windows Downdate Attacks, Quick Share Vulnerability Exploit, and More: Hacker’s Playbook Threat Coverage Round-up: August ...
Gartner® Hype Cycle™ for Security Operations, 2024
While programs like CTEM may be upcoming, Gartner® Hype Cycle for Security Operations recommends making incremental shifts early on. The post Gartner® Hype Cycle™ for Security Operations, 2024 appeared first on SafeBreach ...
Gartner Report: Implement a Continuous Threat Exposure Management (CTEM) Program
Learn more about the top challenges and the different tools and techniques that can support continuous validation within a CTEM program. The post Gartner Report: Implement a Continuous Threat Exposure Management (CTEM) ...
QuickShell: Sharing Is Caring about an RCE Attack Chain on Quick Share
See how a SafeBreach Labs researcher bypassed the anti-tampering mechanism of a leading EDR to execute malicious code within one of the EDR's own processes and altered the mechanism to gain unique, ...
Updated SafeBreach Coverage for AA23-061A – BlackSuit (Royal) Ransomware
BlackSuit ransomware is the evolution of the ransomware previously identified as Royal ransomware. The post Updated SafeBreach Coverage for AA23-061A – BlackSuit (Royal) Ransomware appeared first on SafeBreach ...
Windows Downdate: Downgrade Attacks Using Windows Updates
A SafeBreach researcher took over the Windows Update process to make the term “fully patched” meaningless on any Windows machine in the world. The post Windows Downdate: Downgrade Attacks Using Windows Updates ...
Poseidon Infostealer, DoNex Ransomware, ElDorado Ransomware, and More: Hacker’s Playbook Threat Coverage Round-up: July 2024
New and updated coverage for ransomware and malware variants, including AI Threat Scenario, GuLoader, DarkGate, MirrorBlast, & Kutaki Stealer The post Poseidon Infostealer, DoNex Ransomware, ElDorado Ransomware, and More: Hacker’s Playbook Threat ...
