My job is to craft and implement attack scenarios for Cymulate customers to launch in their environment and increase their cyber-resilience. In this tech-blog post I will talk about a new vulnerability dubbed “PrintNightmare”(CVE-2021-34527) and demonstrate how the attack is implemented in the Cymulate Continuous Security Validation platform, Purple Team module. The scenario is implemented in the Cymulate Continuous Security Validation platform, Purple Team module. This allows blue teamers a.
Cymulate’s June 2021 Cyberattacks Wrap-up June 2021 saw a number of ransomware attacks and ransom payments. Gold Northfield, the REvil ransomware group, launched various attacks targeting high-profile targets. JBS Foods, one of the world’s largest meat producers, paid the equivalent of $11 million to restore its operations in Australia, the USA, and Canada after being infected by REvil. Also Fujifilm fell victim to a ransomware attack by the REvil threat actors using the Qbot Trojan, as did.
Comparing Cymulate and AttackIQ Continuous Security Validation Platforms An Important Lesson As a kid in elementary school my father, took me with him when he was looking for a new car. With a manila folder carrying a copy of Consumer Reports and a legal pad of his carefully taken notes under his arm we went into one car dealership where my dad found a car he had researched and was interested in. As he began to look over the car an eager sales rep approached us and began to bombard us with.
As a twenty-plus year cybersecurity professional I can count on a single hand the times I had to respond to a vendor who made crazy, unsubstantiated claims. As practitioner in Breach and Attack Simulation (BAS) and Purple Teaming, I wanted to counter some really misleading “marketecture” that I heard another vendor make. I am going to take the high road and not call that vendor out by name and set the record straight by giving my experience with specifically the Cymulate Continuous Security.
Going on the Offensive In the US government and in the private sector the last few weeks have been truly fascinating from a ransomware perspective. We have reached a tipping point where both sectors see Ransomware as a high-risk threat. In the case of the US government, they have taken a more proactive and offensive approach in going after ransomware criminals, their infrastructure, and even their stolen funds. In this blog, we will discuss this as well as some guidance for the private sector.
Cymulate’s May 2021 Cyberattacks Wrap-up During May 2021, threat actors, quite likely DarkSide, went big-game hunting, hacking the Colonial Pipeline Co., which operates one of the largest U.S. fuel pipelines. The company decided to comply with the ransom demand and paid $5 million to restore operations. Also in May 2021, branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines were hit by ransomware cyberattacks. This cyber attack followed the announcement of.
Introducing Cymulate Cyclone New Cymulate offering will become the next important as-a-service offering provided by MSSPs (Managed Security Service Providers) and consulting services providers. I cannot tell you how many times showing up at a customer's location to run a meeting, a proof of concept or a training session and asking the question, “Are we waiting for anyone else from the security team?” Sadly, often I hear the reply, “You are looking at the entire team.” There has been a global.
Applying The Wisdom of Many Jane Benitz Wong, Vice President Security Products, Splunk I love my work. Product management is a combination of science and art as products must appeal to both the heart and mind of our customers. Even in a high-tech industry like cybersecurity, the most successful products are those of rich functionality and capabilities, which are also intuitively usable and look cool. I am often asked to sit on the board of directors or advisory board of rising technology.
Cymulate’s April 2021 Cyberattacks Wrap-up Threat actors stepped up their game during April 2021, with ransomware groups finding new ways to increase their profits by putting on corporate victims. For instance, the DarkSide ransomware group is openly approaching stock traders to offer them inside knowledge of their latest corporate victims, which would allow the brokers to short sell the breached company’s stock before any data is leaked and the breach becomes public. The Babuk ransomware group.
Cymulate’s March 2021 Cyberattacks Wrap-up Threat actors were busy during March 2021, breaching major companies such as SITA, a global IT company supporting 90% of the world’s airlines. In this case, the PII belonging to airline passengers was stolen, including their names, card numbers, and status level. In the Netherlands, the stolen personal data of an estimated 7.3 million residents were offered online for sale. The data was stolen from RDC, a company that provides car garages with IT.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips