[redacted] In the News

‘Strictly limit’ remote desktop – unless you like catching BianLian ransomware

The FBI and friends have warned organizations to “strictly limit the use of RDP and other remote desktop services” to avoid BianLian infections and the ransomware gang’s extortion attempts that follow the data encryption.

Russia-Ukraine war, and the fears of NotPetya-style attacks

Cyber activity since the invasion shows the difference between peacetime and wartime attacks. Read Adam Flatley’s article on the Russo-Ukraine war’s impact on cybersecurity and the need to bolster defenses against attacks such as NotPetya.

[redacted] Press Releases


Former NSA Director of Operations Appointed as Vice President of Intelligence; Will Lead Team Delivering Actionable Threat Intelligence to Customers

AUSTIN, Texas–(BUSINESS WIRE)–[redacted], the mission-driven cybersecurity company that levels the playing field against attackers, today announced that Adam Flatley has been promoted to Vice President of Intelligence leading the [redacted] Intelligence Cell, recently renamed [rTIC Ghost Group. The team of battle-hardened cybersecurity and intelligence experts focuses on technical and human intelligence collection, analysis, and production.


[redacted] Continues Leadership Team Growth with Appointment of Aaron Ansari as Chief Revenue Officer

20-Year Industry Veteran with Deep Security Experience Joins [redacted] to Accelerate Sales Growth

AUSTIN, Texas – August 8, 2022 – [redacted], the mission-driven cloud defense company that levels the playing field against attackers, today announced the appointment of Aaron Ansari as Chief Revenue Officer. In this newly created role, Aaron will lead [redacted]’s sales and marketing organizations as the company continues its rapid growth and expansion.


AUSTIN, Texas – July 11, 2022 – [redacted], the mission-driven cloud defense company that levels the playing field against attackers, today announced the appointment of Jim Hansen as CEO. With the addition of Hansen to the executive team, [redacted] co-founder and former CEO Max Kelly will elevate his role to executive chairman. Max will work with Jim to continue driving the company’s mission of providing the advanced product-enabled solutions required for organizations of all sizes to proactively defend themselves against nation-state attackers.


SAN FRANCISCO – June 7, 2022 – [redacted], the mission-driven cloud defense company that levels the playing field against attackers, today made its Threat Intelligent Detection Engine [TIDE] available to the public for testing and community-driven extensibility. [TIDE] is a binary analysis platform built by security practitioners for security practitioners. As an integrated piece of [redacted]’s cloud-native platform, [RIP//TIDE], which scales delivery of its layered defense services, [TIDE] automates the technical analysis of all files and immediately shares results with clients.


SAN FRANCISCO – June 7, 2022 – [redacted], the mission-driven cloud defense company that levels the playing field against attackers, today announced a partnership with ByteChek, the all-in-one compliance automation company that simplifies cybersecurity compliance for companies of all sizes. Through the alliance, [redacted] is using the ByteChek platform to significantly streamline SOC 2 and HIPAA compliance audits as part of its tailored cybersecurity services. In addition, ByteChek customers who require help with remediation or implementation of compliance audit results will use [redacted] as a preferred service provider.


SAN FRANCISCO – March 21, 2022 – [redacted], the mission-driven cloud security company that levels the playing field against attackers, today announced that it has been named to the Forbes list of America’s Best Startup Employers. This prestigious award recognizes the top 500 high-growth companies with exceptional culture and work environments. “We are honored to be recognized by Forbes as one of the top employers in Security,” said Max Kelly, co-founder and CEO of [redacted].


SAN FRANCISCO – February 15, 2022 – [redacted], the mission-driven cloud security company that levels the playing field against attackers, today announced the appointment of Tim Kosiba as Chief Executive Officer of bracket f, Inc., a wholly owned subsidiary of [redacted] focused on the government market. In this newly-formed position, Kosiba will forge trusted partnerships with organizations across federal, state and local governments by providing the services, solutions, and training required to mount an effective defense against cyberthreats.


SAN FRANCISCO–(BUSINESS WIRE)–[redacted], the mission-driven cloud security company that levels the playing field against attackers, today launched the Threat Intelligent Detection Engine (TIDE). As a major expansion of its cloud-native platform that scales delivery of [redacted]’s layered defense services, TIDE automates the technical analysis of all files and immediately shares results with clients. “Not only does this empower our clients in their SOC, it also provides structured interaction for our team members to provide orchestrated response.


SAN FRANCISCO – November 17, 2021 – [redacted], the mission-driven cloud security company that levels the playing field against attackers, today announced that it was selected by the American Hospital Association (AHA) as its Preferred Cybersecurity Provider for its incident response services. The company also was selected by the AHA for its Healthcare Security Services packaged offering that provides member hospitals with cyber program strategy and development and cyber risk assessment among other services.


SAN FRANCISCO–(BUSINESS WIRE)–[redacted], the mission-driven cloud security company that levels the playing field against attackers, today announced it has joined the ISA Global Cybersecurity Alliance (ISAGCA) as its newest founding member. The company will collaborate with fellow alliance members to explore ways to better secure automation and control systems that serve as the backbone of manufacturing and critical infrastructure. The Global Cybersecurity Alliance was established by ISA to advance cybersecurity readiness, education, and best practices in manufacturing and critical infrastructure facilities and processes.


SAN FRANCISCO – October 19, 2021 - [redacted] today announced that William Crowell, the former Deputy Director of the National Security Agency (NSA), has joined the company’s Board of Directors. In this role, Crowell will bring more than 50 years of security, technology, and intelligence experience in the public and private sectors to help guide [redacted] as the company accelerates adoption of its state-of-the-art platform and executes its mission to level the playing field for organizations against sophisticated attackers.


SAN FRANCISCO – August 02, 2021 – [redacted], the mission-driven cloud security company that levels the playing field against attackers, today announced that it has successfully completed the Service Organization Control (SOC) 2 Type 1 audit and certification, validating [redacted]’s commitment to customer data security. The independent audit, conducted by Moss Adams, LLP, focused on [redacted]’s internal controls and procedures related to security, availability, processing integrity, confidentiality and privacy controls, based on compliance with the American Institute of Certified Public Accountants (AICPA) TSC (Trust Services Criteria).


SAN FRANCISCO – June 1, 2021 – [redacted] today emerged from stealth with $35M in Series B funding led by Ten Eleven Ventures, with participation from Valor Equity Partners and SVB Capital. The company will use the funding to scale and accelerate adoption of its state-of-the-art platform and advanced threat intelligence and response capabilities that enable organizations to level the playing field against sophisticated attackers, disrupt their adversaries and protect their businesses.

[redacted] Newsroom Archive

Tangled Up: ‘Tomiris’ APT Uses Turla Malware, Confusing Researchers

Researchers are unraveling the threads connecting two separate, but in some ways overlapping, Russian-language APTs.

Ransomware Attacks Increased by More Than 51% in February

Ransomware activity increased in February according to the latest GRIT Ransomware Report from GuidePoint Security. The report is based on data collected by the GuidePoint Research and Intelligence Team, which reports a 51.5% increase in attacks compared to January and a 15.8% increase in attacks compared to February 2022.

Ransomware group BianLian refines tactics in the face of free decrypter

The BianLian ransomware group burst onto the hacking scene with a frenzied pace of operations. Its infrastructure goes back to 2021, but it was August of last year that saw the group enter an accelerated growth phase, with a number of high-profile ransomware attacks across the globe, including in Australia.

Stung by Free Decryptor, Ransomware Group Embraces Extortion

Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away from encryption and pressure victims purely by threatening to leak stolen data unless they receive a ransom payment.

Helping Your Managed Services Clients Build Their Own Security Culture

Security is a shared responsibility between MSSPs and their clients. Yes, the provider was hired to do a job – be it SOC operations, threat intelligence or offensive security – but part of the job is also to consult and communicate with the client to help them gain some degree of cyber self-sufficiency. This discussion will reveal how providers can teach their clients how to develop a secure corporate culture, how to share responsibility and accountability for security matters, and how to broaden their security awareness through partnerships with professional development organizations and information sharing groups.

BianLian ransomware group shifts focus to extortion

The shift in the operating model comes as a result of Avast’s release of a decryption tool that allowed a victim of the BianLian ransomware gang to decrypt and recover their files without paying the ransom.

This cybercrime gang will now stop at nothing to extort money using your private data

A ransomware group known as BianLian has decided to part ways with its encryptor and focus solely on data theft and extortion instead, experts are reporting. A new report from cybersecurity researchers Redacted spotted BianLian attempting to extort businesses for money - without encrypting their endpoints first.

Pure data extortion pursued by BianLian ransomware

BleepingComputer reports that the BianLian ransomware gang has transitioned to pure data extortion and ditched data encryption efforts in its most recent attacks following the emergence of a free ransomware decryptor in January.

BianLian ransomware crew goes 100% extortion after free decryptor lands

The BianLian gang is ditching the encrypting-files-and-demanding-ransom route and instead is going for full-on extortion.

Financial Scams, Microsoft, BianLian, Leihigh Medical, CISA, & Vile Hackers

Financial Scams, Microsoft, BianLian, Leihigh Medical, CISA, Vile, and More on this episode of the Security Weekly News!

DC Health Link Breach Exposes Private Information of Lawmakers

A DC health insurance service breach has compromised information of Capitol Hill members and staffers. What could a breach impacting lawmakers mean for the outlook on national cybersecurity?

Google wants to reduce lifespan of TLS certificates from one year to just 90 days

Google has announced plans to reduce the maximum lifespan of a TLS certificate from the current value of 398 days to only 90 in a move that is going to send shockwaves across several IT industries.

Has Raging Waters Sydney sprung a leak? Theme-park ransomware threatens Australian fun lovers.

The personal data of millions of Australians may be at risk after cyber criminals stole a reported 1TB of data from Parques Reunidos, a Spanish theme park operator whose multinational portfolio of properties includes Sydney’s popular Raging Waters park.

BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion

The ransomware group has already claimed 116 victim organizations so far on its site, and it continues to mature as a thriving cybercriminal business, researchers said.

A year after Russia’s invasion, the scope of cyberwar in Ukraine comes into focus

The Ukraine war has inspired a defensive cyber effort that government officials and technology executives describe as unprecedented.

Suffolk County starting to restore online services amid months-long cyberattack

New York’s Suffolk County began restoring online services and reconnecting its systems to the internet this month, according to CBS News. It comes five months after being taken offline due to a ransomware attack. The time it took to restore services speaks to how prepared both the government and the private sector should be to respond to ransomware attacks, as well as the need to bring tangible consequences to the threat actors who steal critical data.

FBI working with Tallahassee Memorial after IT security event

Tallahassee Hospital in Florida was forced to cancel all non-emergency surgical and outpatient appointments, diverted some EMS patients and began accepting only the most serious trauma patients following a cyber incident. [redacted] VP of Intelligence Adam Flatley tells Jeffrey Burlew at the Tallahassee Democrat that the incident is “definitely following the pattern of what looks like a ransomware attack.”

‘IT security event’: ‘All-hands-on-deck’ at TMH with law enforcement investigation underway

Adam Flatley, director of threat intelligence at cybersecurity firm Redacted, said cyber-threat actors attack healthcare organizations on a regular basis because they know the “emotional impact” will help force an extortion payment.

FBI wants more ransomware victims to report attacks

[redacted] VP of Threat Intelligence Adam Flatley spoke with Sam Sabin of Axios on the recent HIVE ransomware takedown by US-German law enforcement. According to Adam, despite warnings from threat groups, organizations should be urged to contact federal authorities saying, “While many ransomware gangs threaten victims to not call the feds, the Hive operation shows the FBI is capable of discreetly helping victims.”

3 Ways ChatGPT Will Change Infosec in 2023

ChatGPT took the world by storm after OpenAI opened it for testing on Nov. 30, 2022. For an industry calloused by years of largely unsatisfying AI and machine learning “innovations,” the reactions have been quite telling.

Ransomware experts laud Hive takedown but question impact without arrests

Last week, officials announced that US-German law enforcement took down the notorious Hive ransomware gang, thwarting $130 million in demands for payment from more than 1,500 victims around the world, which included hospitals, schools, financial firms and critical infrastructure. [redacted] VP of Intelligence Adam Flatley says to The Record’s Jonathan Greig that the most likely scenario is that the group will suffer a short-term disruption in operations due to the loss of infrastructure, conduct an internal security review to assess damage and update security practices, and then get back to business as soon as possible because there is just too much money to be made in ransomware.

Royal Mail Posts Progress on Deliveries Following Cyber Incident Disruption

U.K.’s Royal Mail service was hit by an alleged ransomware attack. The organization is now urging customers to refrain from sending packages overseas. [redacted]’s VP of Intelligence Adam Flatley tells InformationWeek’s Carrie Pallardy that “The biggest lesson is that we can’t continue to try to solve the cybersecurity problem with a purely defensive mindset. We need to move forward with an approach that blends together the approaches of preventing what is preventable, responding quickly and effectively to what is not preventable, and actively hunting down malicious cyber actors.

2022 was the year of crippling ransomware attacks on small countries

The country of Vanuatu is the latest victim in a string of crippling ransomware attacks on small countries this year. Experts say various motives underlie these incidents but disagree on whether this trend reflects a shift in threat actors away from well-resourced Western nations.

Joint Ransomware Task Force assesses efforts to combat ransomware

The second meeting of the U.S. Joint Ransomware Task Force held on Wednesday assessed measures and efforts to address the impact and prevalence of ransomware attacks.

Chinese government-linked hacking group allegedly stole $20M in COVID relief funds

A hacking group linked to the Chinese government is alleged to have stolen more than $20 million in COVID relief benefits, including U.S. Small Business Administration loans and unemployment funds in more than a dozen states.

Two enormous cyberattacks convince Australia to ‘hack the hackers’

Industry weighs in on proposed rules for how critical infrastructure organizations should report hacks to the government, and state attorneys general reach a settlement with Google over location tracking.

Feds Urge Healthcare Entities to Train for Incident Response

Speedy, practiced response is key to prevent, mitigate and recover from cyberattacks, say federal regulators amid an uptick in ransomware incidents affecting the healthcare industry.

Former Department of Defense Leader Interprets the Real Cyber Risks in Healthcare

In this episode of Healthcare is Hard, Tim Kosiba, CEO bracket F and former senior government official whose career spans three decades in the Department of Defense, the U.S. Department of the Navy, and the Federal Bureau of Investigation (FBI), shares some of his insider knowledge with Keith Figlioli on topics of growing urgency for everyone in the healthcare industry – from providers, payers and life science companies, to the innovative startups transforming healthcare.

Top Cyber Lessons From Natural Disaster Plans in Healthcare

Healthcare organizations should consider how they plan for natural disasters such as hurricanes as they prepare for disruptive cybersecurity events such as ransomware attacks, says Paige Peterson Sconzo, director of healthcare services at security firm Redacted Inc.

BianLian Ransomware Encrypts Files in the Blink of an Eye

BianLian is a relatively new threat actor that targets a wide range of industries. As they are likely financially motivated, they will continue their efforts to exploit systems and networks they gain access to.

Hospital Chain’s Patient Portals, Other IT Still Offline

Patient care continues to be disrupted at the U.S.’s fourth-largest hospital system as its response to a cyber incident enters a second week.

New Ransomware Group BianLian Activity Exploding

A new ransomware group operating under the name BianLian emerged in late 2021 and has become increasingly active since. [redacted] responds.

Newest ransomware gang on the block

Cyber defense training for businesses is evolving to create immersive scenarios putting board members and C-level executives in the crosshairs of simulated attacks. Researchers at cybersecurity firm Redacted said in a report Thursday that the BianLian ransomware gang tripled its known operational infrastructure in August, indicating that more attacks from the gang could be coming soon.

BianLian Ransomware Expanding C2 Infrastructure and Operational Tempo

The threat actors behind the BianLian Ransomware are rapidly expanding infrastructure, and it has been observed targeting manufacturing organizations.

BianLian ransomware infrastructure beefed up as activity ramps up

Newly identified ransomware group BianLian has bolstered its command-and-control infrastructure, indicating increasing activity, The Hacker News reports. Fifteen organizations have already been impacted by BianLian ransomware since its emergence in mid-July, according to a report from cybersecurity firm [redacted].

Researchers Element Rising Cross-Platform BianLian Ransomware Assaults

BianLian, written in the Go programming language, was first found in mid-July 2022 and has claimed 15 victim organizations as of September 1, cybersecurity firm [redacted] stated in a report shared with The Hacker News.

Researchers Spot Snowballing BianLian Ransomware Gang Activity

The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace.

Researchers Detail Emerging Cross-Platform BianLian Ransomware Attacks

The operators of the emerging cross-platform BianLian ransomware have increased their command-and-control (C2) infrastructure this month, a development that alludes to an increase in the group’s operational tempo.

Feds Warn of Evil Corp Threats Facing Healthcare Sector

Federal authorities are sounding the alarm for the healthcare industry over Russian cybercrime gang Evil Corp, warning that the group has a wide set of highly capable tools at its disposal for taking healthcare data hostage.

16 Tech Leaders’ Tips For Developing And Maintaining A Robust Incident Response Plan

Whether a business uses technology to manage operations, builds tech tools for other businesses or consumers, or both, it faces the risk of a cybersecurity breach on a daily basis. A successful hack can potentially expose a company’s sensitive data, damage its reputation or even shut down its operations altogether. A top priority for any company working with technology and data must be a robust incident response plan.

Attack on US court records raises concerns about foreign meddling in cases

The Department of Justice is investigating a data breach of U.S. court records dating back to 2020, raising concerns that federal investigations could be compromised.

Ukraine claims to have taken down a massive Russian bot farm. Were Russian cyber operations premature? Report: Emergency Alert System vulnerable to hijacking. And more crypto looting.

Ukraine claims to have taken down a massive Russian bot farm. Were Russian cyber operations premature? Adam Flatley from [redacted] with a look back at NotPetya.

DOJ Recovers $500K Paid to North Korean Ransomware Actors

The US authorities have managed to return half a million dollars to several corporate victims, including healthcare providers forced to pay up after being infected by a new ransomware strain. Tim Kosiba, [redacted] bracket f CEO, urges healthcare providers to stay alert.

Why A Second Cold War Will Likely Be Fought In Cyberspace

Companies should be wise to assume that a second Cold War is upon us and that they—depending on their company’s size, industry and partnerships—are among the prime targets.

Mandiant Co-Founder Jim Hansen Joins Cloud Cybersecurity Startup Redacted as CEO

Redacted gains CEO who has threat response, phishing cyberattack prevention and SOAR expertise from Mandiant, Cofense and Swimlane.

North Korean cyberattacks target US healthcare with Maui ransomware

The FBI has identified a state-sponsored ransomware campaign targeting critical services in the US and has warned organizations to be prepared. Adam Flatley, director of Threat Intelligence at [redacted], responds.

[redacted] Makes [TIDE] Available to the Public for Testing and Community-Driven Extensibility

[TIDE] is a binary analysis platform built by security practitioners for security practitioners. As an integrated piece of [redacted]’s cloud-native platform, [RIP//TIDE], which scales delivery of its layered defense services, [TIDE] automates the technical analysis of all files and immediately shares results with clients. By now opening the platform for public access, [redacted] is creating a modular ecosystem that greatly expands the volume of binary files available to search and explore.

IST Announces New Funding to Combat Ransomware

It is with excitement and gratitude that IST announces new funding support and acknowledges the key financial supporters of the Ransomware Task Force at the beginning of its second year.

William Crowell’s Latest Foray: Cybersecurity Governance At [redacted]

“[redacted] (the company’s actual name is [redacted], Inc.), a cyber defense company, has just appointed a former Deputy Director of the National Security Agency to the company’s board. William Crowell has been active in the field of public and private information security for decades”

Cyber Private Eyes Go After Hackers, Without Counterattacking

Companies hit by hackers typically limit themselves to playing defense to comply with a federal law against invading someone’s computer. But some specialist cybersecurity firms say they can pursue criminals without launching their own attacks. Most cybercrimes in the U.S. fall under the Computer Fraud and Abuse Act, a 1986 law that prohibits unauthorized access of computer systems. The law effectively places offensive cybersecurity actions solely in the hands of the federal government.

Twitch is breached. MalKamak: a newly described Iranian threat actor. Chinese cyberespionage against India. SafeMoon phishbait. The ransomware threat. What counts as compromise.

Twitch is breached. A newly discovered Iranian threat group is described. A Chinese cyberespionage campaign in India proceeds by phishing. SafeMoon alt-coin is trendy phishbait in criminal circles. As the US prepares to convene an anti-ransomware conference, Russian gangs show no signs of slacking off. Betsy Carmelite from BAH on AI/ ML in cyber defensive operations. Our guest is Adam Flatley of [redacted] with recommendations from the Ransomware Task Force. And observations on what counts as compromising material.

Barron’s: How Insurers Play a Big Role in Spurring Cybercrime

Ransomware extracted $18 billion in payments last year, and it’s expected there will be an attack every 11 seconds by this year’s end, a problem that some security experts and academic researchers say is exacerbated by the system meant to protect against cybercrime: the insurance industry. Organizations with cyberinsurance are more than twice as likely to pay ransoms as those without, according to a global survey commissioned by U.K.-based cybersecurity and software firm Sophos of 1,823 companies, governments, health systems,…

How Insurers Play a Big Role in Spurring Cybercrime

Organizations with cyberinsurance are more than twice as likely to pay ransoms as those without, according to a global survey commissioned by U.K.-based cybersecurity and software firm Sophos of 1,823 companies, governments, health systems, and other organizations that had been hit by ransomware. This is one of the first times such data have been gathered that show the extent of the relationship between cyberinsurance and ransomware payments. Critics say that relationship helps fuel a ransomware economy that the federal government estimates causes $445 billion in damages to the global economy every year.

Paying Hackers’ Ransom Demands Is Getting Harder

If your data center’s ransomware recovery plan is to pay off the hackers with cryptocurrency, it’s time to rethink your strategy as regulators crack down. Today, every data center manager should be aware of the dangers of ransomware and have a disaster recovery plan that doesn’t involve paying hackers’ ransomware demands.

Treasury Sanctions Russian Crypto Exchange

The US Treasury has added a Russian cryptocurrency exchange to its sanctions list after claiming the firm helped facilitate ransomware payments for countless groups. SUEX is incorporated in the Czech Republic but reportedly operates out of Russia. The Treasury estimated that 40% of its transaction history is associated with “illicit actors.”

Infamous ransomware gang REvil returns to the dark web

Infamous ransomware gang REvil has returned to the dark web, the shady corner of the internet reachable with special software, after disappearing in July amid pressure from the U.S. government on Russia to act on ransomware groups operating in the country. REvil, also known as Sodinokibi, was before its disappearance a prolific ransomware group linked to dozens of attacks. Its most high-profile attack before going dark involved targeting companies using information technology management software from Kaseya Ltd.

Expert: Governments and businesses must come together to combat ransomware threat

Nations have to stop sheltering bad actors in order to stop them, expert says. TechRepublic’s Karen Roby spoke with Adam Flatley, director of threat intelligence for [redacted], a cybersecurity company, about the future of cybersecurity. The following is an edited transcript of their conversation.

Paying ransom should be your last resort, cybersecurity expert says

Some organizations can get by without paying in a ransomware attack, but others really have no choice, he says.

Ransomware: Moving from defense to offense

Tonya Hall talks to Adam Flatley, director of threat intelligence at Redacted Inc., about what has been missing in anti-ransomware plans.

Ransomware: To pay or not to pay? That’s the question

Tonya Hall interviews Adam Flatley, director of threat intelligence at Redacted Inc., about the options businesses have when facing a ransomware attack.

BankInfoSecurity: Advisory Describes Chinese Attackers’ Tactics

Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50 tactics, techniques and procedures that Chinese state-sponsored cyberattackers are using to target organizations in the U.S. and allied nations. The Chinese attack techniques outlined in the report include exploiting well-known vulnerabilities in widely used applications, such as Pulse Secure, Apache, F5 Big-IP and Microsoft products.

US State Department offering $10 million reward for state-backed hackers

The State Department announced a $10 million reward for any information about hackers working for foreign governments. The measure is aimed squarely at those participating in “malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act.” Officials said in a release that this included ransomware attacks targeting “critical infrastructure.”

Clop Raid: A Big Win in the War on Ransomware?

Yesterday’s noisy raid of the Clop ransomware gang in Ukraine was a major win according to most experts throughout the cybersecurity community, who said the moment marks a shift in the international war on ransomware. The raid, according to Ukrainian reports translated by eSpire analysts, included the arrests of six people in Kiev, the seizure of $185,000 in cash, a Tesla, a Mercedes and their computer equipment. Those arrested face up to eight years in prison, the records s

US Warns Russia of Cyber-Attack No-Go List

President Biden and his team have warned the Putin administration of 16 critical infrastructure entities that are off-limits for threat actors operating from Russia. The news came as the two leaders sat down in Geneva for a summit which Biden said was designed to ensure a “stable and predictable” relationship between countries following the turmoil of the Trump years.

[redacted] Closes $35M in Series B Funding to Disrupt Adversaries and Hold Attackers Accountable

Former Facebook CSO, NSA and CIA Operatives Team Up to Level the Playing Field for Organizations against Attackers

[redacted] comes out of stealth with $60M in funding and a new take on fighting cybercrime

Today a startup called [redacted] is coming out of stealth with a different approach to tackling malicious activity — it applies threat intelligence, and then proactively goes after the hackers to recover data loss and disrupt their activities

After Nearly 6 Years, SMB Cybersecurity Provider [redacted] Emerges From Stealth With $35M

San Francisco-based cybersecurity provider [redacted] officially emerged from stealth with a $35 million Series B to help small and medium-sized businesses be more secure.