OT and Internet of Things (IoT) company Nozomi Networks has announced the general availability of the Nozomi TI Expansion Pack, powered by Mandiant Threat Intelligence.
GUEST OPINION: In the shadowy world of cyber warfare, one name stands out among the rest: APT45. This North Korean cyber operator has quietly but effectively carried out espionage and cyberattacks since as early as 2009. But APT45 isn’t just another player in the DPRK’s cyber arsenal; it is a distinct and dangerous entity, expanding its operations beyond espionage to include financially motivated cybercrime, even dabbling in ransomware—a rare move for North Korean cyber units.
COMPANY NEWS: Rubrik, the zero trust data security company, today announces a new partnership and technology integration with Mandiant, part of Google Cloud. The collaboration brings together leaders in data security, incident response, and threat intelligence, aiming to expedite customers’ threat detection and path to cyber recovery.
COMPANY NEWS: APT45, a North Korean cyber operator since 2009, has evolved from espionage to financially motivated operations, distinguishing itself with unique malware and frequent critical infrastructure targeting. Google Cloud’s Mandiant division has been tracking the operator for some years, and it has now been elevated to the status of “Advanced Persistent Threat Group” (APT).
Attackers who used stolen credentials to purloin the data of companies using the services of storage firm Snowflake are demanding between US$300,000 (A$454,040) and US$5 million from about 10 of the 165 companies compromised, a security firm says.
Security firm Mandiant says attackers have used stolen credentials to steal the data of as many as 165 organisations from storage provider Snowflake.
GUEST RESEARCH: Mandiant has reported a notable resurgence in ransomware activity in 2023, reversing the slight decline observed in 2022. The surge includes a 75% increase in posts on data leak sites and a more than 20% rise in Mandiant-led ransomware investigations.
Google wants to be taken seriously as a provider of security services for the enterprise. With that in mind, the company has unveiled what it calls Intel-driven AI-powered SecOps and actionable threat intelligence, the latter under the name Google Threat Intelligence, at the RSA conference in San Francisco.
COMPANY NEWS: Nozomi Networks, the leader in OT and IoT security, and Mandiant, part of Google Cloud, today announced they have expanded a longstanding global partnership to further strengthen and streamline the way industrial and enterprise CISOs and their teams anticipate, diagnose, and respond to cyber threats across all their critical business operations. Through this partnership expansion, Nozomi Networks and Google Security Operations customers will have the option to combine Mandiant threat intelligence and incident response with Nozomi Networks threat intelligence to gain comprehensive access to real-time information about threats to their IT, operational technology (OT), and IoT systems.
GUEST RESEARCH: Mandiant, part of Google Cloud, today released the findings of its M-Trends 2024 report. Now in its 15th year, this annual report provides expert trend analysis based on Mandiant frontline cyber attack investigations and remediations conducted in 2023.
GUEST RESEARCH: Google's Threat Analysis Group (TAG) and Mandiant, renowned leaders in cybersecurity research, have released their annual report on zero-day vulnerabilities, highlighting a significant surge in exploitation incidents witnessed in 2023.
COMPANY NEWS: Google Cloud has announced a significant milestone in cloud security with the launch of Security Command Centre Enterprise. Developed in collaboration with Mandiant, this innovative solution marks a fundamental shift in the industry by seamlessly integrating proactive cloud security with enterprise security operations.
The US Securities and Exchange Commission has sued software vendor SolarWinds and its chief information security officer, Timothy Brown, over fraud and internal control failures relating to allegedly known cyber security risks and vulnerabilities.
COMPANY NEWS: As security threats continue to evolve and expand, organisations face unprecedented challenges in defending against modern threats. Chronicle Security Operations represents a new era in threat detection, investigation, and response (TDIR) with its unified platform, incorporating Security Orchestration, Automation, and Response (SOAR) and Security Information and Event Management (SIEM) capabilities.
GUEST EVENT: Mandiant, now part of Google Cloud, today unveiled new information on the exciting lineup of keynote speakers and panels for mWISE Conference 2023, which will take place 18-20 September, at the Marriott Marquis Hotel in Washington DC, along with a digital option.
Well-known ransomware threat researcher Brett Callow has poured cold water on claims that ransomware, which sought to capitalise on the recent Wagner group incidents, has been targeting Windows users in Russia.
Not for the first time, the industrial cyber security firm Dragos has contradicted popular conclusions about malware, saying its research into the ICS malware, dubbed COSMICENERGY by the Google-owned Mandiant, has found that it is not an immediate threat to operational technology.
A number of US Federal Government agencies have been breached through a vulnerability in the secure managed file transfer software MOVEit Transfer, a report claims.
Data theft using a zero-day in the secure managed file transfer software MOVEit Transfer has been claimed to be carried out by the Cl0p ransomware group, with the incidents starting on 27 May.
The verdict in a case filed by investors against the directors of the software firm SolarWinds, claiming they were aware of the risks that the firm's software posed, but failed to act to prevent devastating attacks that came to light in 2020, has gone in favour of the company.