Displaying items by tag: Red Team

The process of staging a ransomware attack is much more complex than portrayed, with a number of actors involved, the global security company Kaspersky claims in a detailed blog post about how a typical attack chain is organised. The post was written on Anti-Ransomware Day aiming to demolish some myths around ransomware, which predominantly attacks systems running Microsoft Windows.

Microsoft has admitted that the malicious attackers involved in a supply chain attack gained access to some part of the source code for its Azure, Exchange and Intune products.

Breached cyber security company FireEye has explicitly said that the alleged Russian group APT29 is not behind the attack on its own infrastructure and a number of other private and public firms, according to the head of security company Dragos.

Former NSA hacker Jake Williams has criticised the SEC filing made by security firm SolarWinds following the disclosure that the company's Orion network management software had been compromised and used to breach numerous companies in many regions of the globe.

The chief executive of a British security firm has criticised the American firm FireEye — which had its Red Team tools stolen by an unknown adversary recently — of using fancy terms in its advisory about the attack in order to hide its own failings.

Cyber security vendor FireEye has a considerable amount of egg on its face after the tools used by its Red Team — an attack unit — have been stolen by a group that it claims is a "highly sophisticated state-sponsored adversary".

The fear of a loss of reputation is the primary motivator for organisations to seek penetration testing of their networks, to find out how secure they are against likely intruders, according to a senior penetration tester with security firm SecureWorks.