A new and improved Redeemer 2.0 ransomware version was released on an underground forum and is described by the developers as a “C++ no dependency ransomware with no privacy intrusions” targeting the Windows OS with support for Windows 11 systems...

The Cybereason Defense Platform offers multi-tenancy capabilities to enable SOC teams to divide workflows based on roles...

The AI-driven Cybereason XDR Platform detects and blocks MountLocker ransomware which launched back in September 2020. Since then, the attackers have rebranded the operation as AstroLocker, XingLocker, and now in its current phase, the Quantum Locker...

Threat intelligence is transparently integrated into every aspect of the AI-driven Cybereason XDR Platform to enable Threat Hunting for behavioral TTPs...

BlackCat Ransomware gained notoriety quickly leaving a trail of destruction behind it, among its recent victims are German oil companies, an Italian luxury fashion brand and a Swiss Aviation company. Cybereason XDR detects and blocks BlackCat Ransomware...

Cybersecurity and Infrastructure Security Agency (CISA) is warning businesses to prepare for ransomware attacks if Russia invades Ukraine - learn how your organizations can be prepared...

Ukrainian officials attributed the attack to Russia “preparing the ground” for a military invasion with nasty wipers dubbed WhisperGate and HermeticWiper. Cybereason Anti-Ransomware and Anti-MBR corruption technology detects and blocks WhisperGate and HermeticWiper...

Prior to the deployment of the Lorenz ransomware, the attackers attempt to infiltrate and move laterally throughout the organization, carrying out a fully-developed RansomOps attack - the Cybereason XDR Platform fully detects and prevents the Lorenz ransomware...

The Cybereason XDR Platform provides a unified view of your endpoints, allowing analysts to quickly remediate complex threats across multiple machines...

The Cybereason MalOp detection engine to identify malicious behaviors with extremely high confidence levels, reducing false positives by a factor of 10...

The Google Cloud and Cybereason partnership shifts the XDR paradigm to “detect, understand, anticipate" by introducing a prognostic element that anticipates attacker behaviors to deliver faster conviction of potentially malicious activity...

The Cybereason Defense Platform detects and prevents Prometheus ransomware, a relatively new variant first observed in February of 2021 that has impacted more than 40 companies...

Cybereason detects and blocks REvil ransomware, protecting our customers and those of our Managed Services Provider partners in the wake of the Kaseya supply chain attacks...

The Cybereason Defense Platform detects and blocks REvil ransomware, allowing defenders to protect their organizations from this evolving threat...

Cybereason is excited to announce it was named a finalist in the Best Endpoint Security category of the 2021 SC Awards Europe competition...

Cybereason Nocturnus Team has been tracking the Avaddon Ransomware since June 2020 and the double extortion model...

The MalOp provides a contextualized view of the full attack narrative correlated across all impacted endpoints and users so security analysts can respond to threats with an operation-centric approach...

DarkSide ransomware follows the double extortion trend where the threat actors first exfiltrate the data and threaten to make it public if the ransom demand is not paid, rendering backing up data as a precaution against a ransomware attack moot...

The NetWalker ransomware has been targeting organizations in the US and Europe including several healthcare organizations, despite several known threat actors publicly claiming to abstain from targeting such organizations due to COVID-19.

The Cybereason Nocturnus Team has been tracking the activity around the RansomEXX, being used as a part of multi-staged human-operated attacks targeting various government related entities and tech companies.

Since first emerging in May 2020, the ransomware operators (aka. the Conti Gang) claim to have over 150 successful attacks with millions in extortion fees. Download the Indicator's of Compromise to search for Conti in your own environment.

We spent some time with Israel Barak, Chief Information Security Officer at Cybereason, who discussed some of the challenges of running a world-wide SOC remotely during the pandemic.

The Cybereason Nocturnus team has been tracking the activity of the Cl0p ransomware, a variant of CryptoMix ransomware. Download the Indicator's of Compromise to search for Cl0p in your own environment...

On December 13, 2020, IT infrastructure management provider SolarWinds issued a Security Advisory regarding their SolarWinds Orion Platform after experiencing a “highly sophisticated” supply chain attack.

We spent some time with Jake Williams - founder and President at Rendition Infosec and SANS Instructor - discusses some of the challenges in remotely running a successful infosec consultancy.

Ryuk ransomware is most often seen as the final payload in a larger targeted attack against a corporation, and since its return in September, it has been mainly delivered via TrickBot or BazarLoader infections.

We spent some time with Katie Nickels - current Director of Intelligence at Red Canary and formerly MITRE ATT&CK Threat Intelligence Lead - to discuss applied threat intelligence, prioritizing threats for impact, and working incident response in remote environments.

We spent some time with Rachel Tobac discussing techniques, awareness and training for organizations seeking to limit the risk from one of the most difficult security threats to counter - social engineering attacks

Egregor is a newly identified ransomware variant that was first discovered in September, 2020, and has recently been identified in several sophisticated attacks on organizations worldwide, including the games industry giants Crytek and Ubisoft. 

Cybereason CSO Sam Curry shares insights on tackling tough security challenges from a strategic perspective as well as from the point of view of a leader of security operations teams working tirelessly to reverse the adversary advantage and return the high ground to the defenders.

There have been reports of MedusaLocker attacks across multiple industries, especially the healthcare industry which suffered a great deal of ransomware attacks during the COVID-19 pandemic.

Not long ago we were fortunate to grab some time with Steph Ihezukwu who shared her insights and observation on everything from diversity in tech to how to collaborate with teams in the age of remote work and heightened security concerns.

Cybereason co-founder Yonatan Striem-Amit discusses the challenges inherent in addressing security breaches remotely.

We were lucky enough to grab some time with Tanya Janca to discuss some key issues around security in times of crisis.