Barracuda Urges Immediate Replacement of Hacked ESG Appliances
Enterprise security company Barracuda is now urging customers who were impacted by a recently disclosed zero-day flaw in its Email Security Gateway (ESG) appliances to immediately replace them. "Impacted ESG appliances must be immediately replaced regardless of patch version level," the company said in an update, adding its "remediation recommendation at this time is full replacement of the impacted ESG."
New PowerDrop Malware Targeting U.S. Aerospace Industry
An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. "PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption," according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023.
Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices
Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular applications to serve unwanted ads to users as part of a campaign ongoing since October 2022. "The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue," Bitdefender said in a technical report shared with The Hacker News.
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines."
Winning the Mind Game: The Role of the Ransomware Negotiator
Ransomware is an industry. As such, it has its own business logic: organizations pay money, in crypto-currency, in order to regain control over their systems and data. This industry's landscape is made up of approximately 10-20 core threat actors who originally developed the ransomware's malware. To distribute the malware, they work with affiliates and distributors who utilize widespread phishing attacks to breach organizations. Profits are distributed with approximately 70% allocated to the affiliates and 10%-30% to these developers.
New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency
A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. "The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim's account by performing web injections into targeted cryptocurrency websites," Kaspersky researchers Haim Zigel and Oleg Kupreev said.
There are many advanced cyber threat security solutions available on the market today. For example, FireEye (NASDAQ: FEYE) pioneered the advanced threat detection market with the introduction of its Multi-Vector Execution (MVX) engine for network security and today, FireEye’s intelligent, cloud-first XDR platform delivers unmatched detection, protection, and response. Their product suite was sold in 2021 to Symphony Technology Group (STG), leaving them to concentrate on the Mandiant Advantage SaaS security management and orchestration platform, which was in turn listed independently on the NASDAQ, and is soon to be acquired by Google Cloud, according to CEO Kevin Mandia.
To match our best-in-class signals intelligence hardware, we advise on cyber security products that ensure user identification verification, data encryption, security against email-borne threats like Phishing, SpearPhishing and file-borne cyber theft using malware and ransomware. Outmaneuver cyber attackers with threat intelligence and cloud data security breach detection. Digital forensics can expose cyber data security weaknesses and vulnerabilities so that cyber crime counter-measures can be implemented. Consult with us on how to protect your Microsoft, Amazon, and Google cloud investments with advanced cybersecurity defenses.
Group-IB, based in the Netherlands, provides a wide range of services for real-world attack prevention, for example security assessments, proactive DDoS, and penetration testing, to protect you from any vulnerability.
For the past 18 years, Mandiant has delivered unparalleled frontline expertise and industry-leading threat intelligence. Mandiant’s more than 600 consultants currently respond to thousands of security breaches each year. Paired with research from more than 300 intelligence analysts, these resulting insights are what power Mandiant’s dynamic cyber defense solutions – delivered through the managed multi-vendor XDR platform, Mandiant Advantage.
Today, organizations are facing cybersecurity challenges that have accelerated in frequency, severity and diversity, creating a global security imperative. To address these risks, enterprises need to be able to detect and respond to adversaries quickly; analyze and automate threat intelligence to scale threat detection across organizations; orchestrate and automate remediation; validate their protection against known threats; and visualize their IT environment in order to identify and simulate new threats. The cloud represents a new way to change the security paradigm by helping organizations address and protect themselves against entire classes of cyber threats, while also rapidly accelerating digital transformation.
Since 2004, Mandiant® has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.
Mandiant’s mission is to make every organization secure from cyber threats and confident in their cyber security readiness. We have relentlessly pursued this objective by scaling our expertise and intelligence through our Mandiant Advantage SaaS platform.
Mandiant intends to be the best cyber security company in the world, with a single platform that blends expertise, intelligence and technology to make Mandiant a seamless extension of your security operations.
Cybersecurity requires vigilance and intelligence, but also speed. You have to intercept and evaluate the package without holding up the flow of data, yet flag it and possibly eliminate it before it can do any damage.
You also have to be faster than the hackers and state actors who threaten us, and you have to be versatile. Field Programmable Gate Arrays (FPGAs) are ideal for the job. They are as fast as or faster than a CPU, but can be changed and amended on demand by the user in response to fast-changing threats. Thus you can program your application right into the heart of your hardware for maximum speed, yet change it when you need to for maximum flexibility and versatility.
But FPGAs are complicated. To that end, we sell a wide range of “FPGA Accelerator Boards”. These cards fit easily into PCIe slots for fast communication with the host computer, yet have extensive onboard memory and external networking ports for high bandwidth throughput. Coupled with programming tools such as oneAPI and Verilog, your FPGA is immediately application-ready to tackle cybercrime threats and combat cyber attacks.
Information Security implies sophisticated systems and real time computation speed. Cryptographic algorithms fulfil specific information security requirements such as data integrity, confidentiality and authenticity. FPGA-based cyber-solutions integrate hardware that incorporates cryptographic algorithms and accelerates cipher functions used in the Scalable Encryption Algorithm (SEA), Message Digest Algorithm (MD5), and Secure Hash Algorithm (SHA-2).
We proudly represent Bittware, amongst others, whose boards target cybersecurity and SigInt signals intelligence. Presentations at Defence and Security Equipment International (DSEI) highlight solutions that primarily target signal and network packet processing applications and support high-accuracy time stamping.
For latency-sensitive applications and co-processing requirements, and with a network interface, cyber security capabilities and host-to-carrier acceleration serve applications in radar, electronic warfare (EW), networking, and SigInt integration and development of cyber defences while off-loading standard host applications.
This hardware features high densities and a power-efficient FPGA fabric married with a rich feature set including hard floating-point DSP blocks and preconfigured physical interfaces and infrastructure.
PCIe-based FPGA accelerator cards offer both inline and lookaside acceleration. They provide the performance and versatility of FPGA acceleration and support Intel’s Acceleration Stack for Intel® Xeon® CPU with FPGAs. This acceleration stack provides a common developer interface for both application and accelerator function developers, and includes drivers, application programming interfaces (APIs), and an FPGA interface manager. Together with acceleration libraries and development tools, the acceleration stack saves developers time and enables code re-use across multiple Intel FPGA platforms. To help protect systems from FPGA-hosted security exploits, a Root-of-Trust device enables more secure loading of authorized workloads and board updates, and enforces policies to help prevent unauthorized access to critical board interfaces and flash memory.
“There has never been a more critical time in cybersecurity. Since our founding in 2004, Mandiant’s mission has been to combat cyber attacks and protect our customers from the latest threats,” said Kevin Mandia, CEO, Mandiant. “To that end, we are thrilled to be joining forces with Google Cloud. Together, we will deliver expertise and intelligence at scale, changing the security industry.”
Mandiant recently announced that they have agreed to be acquired by Google. This is an opportunity to accelerate Mandiant’s offerings, to extend their reach and to support more organizations with an innovative approach to cyber security – in areas like threat detection and intelligence, testing and validation, and managed multi-vendor XDR.
Google Cloud has made security the cornerstone of its commitment to customers and users around the world – building cloud-native security into the foundation of its technology to block malware, phishing attempts and potential cyber attacks at scale. The Mandiant acquisition underscores Google Cloud’s commitment to advancing its security offerings to better protect and advise customers across their on-premise and cloud environments.
Together with Mandiant, Google Cloud will deliver an end-to-end security operations suite with even greater capabilities as well as advisory services helping customers address critical security challenges and stay protected at every stage of the security lifecycle.
“Cyber security is a mission, and we believe it’s one of the most important of our generation. Google Cloud shares our mission-driven culture to bring security to every organization,” said Kevin Mandia, CEO, Mandiant. “Together, we will deliver our expertise and intelligence at scale via the Mandiant Advantage SaaS platform, as part of the Google Cloud security portfolio. These efforts will help organizations to effectively, efficiently and continuously manage and configure their complex mix of security products.”
“The Mandiant brand is synonymous with unmatched insights for organizations seeking to keep themselves secure in a constantly changing environment,” said Thomas Kurian, CEO, Google Cloud. “This is an opportunity to deliver an end-to-end security operations suite and extend one of the best consulting organizations in the world. Together we can make a profound impact in securing the cloud, accelerating the adoption of cloud computing, and ultimately make the world safer.”
Google Cloud accelerates every organization’s ability to digitally transform its business. It delivers enterprise-grade solutions that leverage Google’s cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
The acquisition enables Mandiant to accelerate the path to deliver their expertise and intelligence through the Mandiant Advantage SaaS platform. The scale and the investment capability for innovation that Google Cloud brings to the table will allow Mandiant to more rapidly achieve their vision to deliver expertise and intelligence at scale.
Security has been core to Google Cloud’s mission and product strategy. This is very much aligned with Mandiant’s own mission to relentlessly protect their customers from cyber attacks.
Together with Mandiant, Google Cloud will be able to deliver an end-to-end security operations suite with even greater capabilities to support customers across their on-premises and cloud environments. The combination of Google Cloud and Mandiant will have a profound impact in securing the cloud, accelerating the adoption of cloud computing, and ultimately make the internet a safer place for all.
The acquisition of Mandiant will complement Google Cloud’s existing strengths in security. Google Cloud offers customers a robust set of services including pioneering capabilities such as BeyondCorp Enterprise for Zero Trust and VirusTotal for malicious content and software vulnerabilities; Chronicle’s planet-scale security analytics and automation coupled with services such as Security Command Center to help organizations detect and protect themselves from cyber threats; as well as expertise from Google Cloud’s Cybersecurity Action Team.
As a recognized leader in strategic security advisory and incident response services, Mandiant brings real-time and in-depth threat intelligence gained on the frontlines of cybersecurity with the largest organizations in the world. Combined with Google Cloud’s cloud-native security offerings, the acquisition will help enterprises globally stay protected at every stage of the security lifecycle.
The reach and innovation potential of Google Cloud allow Mandiant to more rapidly deliver expertise and intelligence at scale.
“Organizations around the world are facing unprecedented cybersecurity challenges as the sophistication and severity of attacks that were previously used to target major governments are now being used to target companies in every industry,” said Thomas Kurian, CEO, Google Cloud. “We look forward to welcoming Mandiant to Google Cloud to further enhance our security operations suite and advisory services, and help customers address their most important security challenges.”
As a pioneer in offering multicloud technology, Google Cloud’s security operations suite will continue to provide a central point of intelligence, analysis and operations across on-premise environments, Google Cloud and other cloud providers. Mandiant’s controls-agnostic approach aligns with Google Cloud’s commitment to security.
Mandiant will continue to be the organization that you can trust to offer the expertise and intelligence you need to meet your needs for cyber security readiness.
Working with our partners, we address your cyber threats and your cloud and digital infrastructure protection against cyber-attacks with products from FireEye such as:
Identify cyber threats that present a risk to your data and operations.
Protect and defend against cyber security attacks.
Measure, optimize and continuously improve security programs.
Software-as-a-service (SaaS) platform that automates our expertise and intelligence knowledge.
Frontline cyber threat intelligence to understand and protect against the latest and most relevant threats. Understand data breach intelligence before it is made publicly available.
Triage security alerts from your security stack at machine speed using data science and machine learning.
Automatically eliminate events that don’t matter to reveal the ones that do.
Validate and continuously measure the effectiveness of your cyber security controls. Identify and implement opportunities for improvement, rationalize your security investment and remove duplicate or outdated security tools.
Outmaneuver your attackers with cyber security consulting and MDR services.
FireEye approaches cloud security holistically, with solutions that combine visibility, protection and a comprehensive range of services.
Protect your cloud infrastructure.
Set up your cloud securely.
A control center for cloud security management that delivers visibility, compliance and governance to any security environment across OpenStack, Kubernetes, Azure, Amazon Web Services, and Google Cloud Platform.
A service that evaluates cloud security programs and hardens techniques for cloud-based services like Microsoft Office 365, Microsoft Azure, AWS, and GCP.
A security instrumentation platform that continuously validates the effectiveness of cloud security controls in AWS and Azure with quantifiable, evidence-based data.
Are adversaries in my cloud? Centralize your security monitoring for precise visibility.
Can the attacker access my cloud data? Detect and respond to misuse with intelligence led solutions.
A secure email gateway solution that stops email-borne threats with first-hand knowledge of attacks and attackers before they can cause any harm.
A security operations platform that integrates disparate security tools and augments them with SIEM, orchestration and threat intelligence capabilities to capture the untapped potential of security investments.
A threat detection service that delivers flexible file and content scanning capabilities to identify file-borne threats in your cloud or web applications.
An advanced threat protection and breach detection solution with visibility into the world’s most sophisticated attacks that protects networks, assets and users from known and unknown threats.
Our cyber security knowledge and experience has brought us into contact with solutions such as these: