Displaying items by tag: Red Team

Identity security company CyberArk's vice president of Red Team services Shay Nahari is committed to giving enterprises the tools to find the holes in their security before the bad guys do, and prepare them on what to do should an attack happen.

Australian National University student Alaina Lawson has won a $5,000 women cybersecurity scholarship sponsored by Eset Australia.

The process of staging a ransomware attack is much more complex than portrayed, with a number of actors involved, the global security company Kaspersky claims in a detailed blog post about how a typical attack chain is organised. The post was written on Anti-Ransomware Day aiming to demolish some myths around ransomware, which predominantly attacks systems running Microsoft Windows.

Microsoft has admitted that the malicious attackers involved in a supply chain attack gained access to some part of the source code for its Azure, Exchange and Intune products.

Breached cyber security company FireEye has explicitly said that the alleged Russian group APT29 is not behind the attack on its own infrastructure and a number of other private and public firms, according to the head of security company Dragos.

Former NSA hacker Jake Williams has criticised the SEC filing made by security firm SolarWinds following the disclosure that the company's Orion network management software had been compromised and used to breach numerous companies in many regions of the globe.

The chief executive of a British security firm has criticised the American firm FireEye — which had its Red Team tools stolen by an unknown adversary recently — of using fancy terms in its advisory about the attack in order to hide its own failings.

Cyber security vendor FireEye has a considerable amount of egg on its face after the tools used by its Red Team — an attack unit — have been stolen by a group that it claims is a "highly sophisticated state-sponsored adversary".

The fear of a loss of reputation is the primary motivator for organisations to seek penetration testing of their networks, to find out how secure they are against likely intruders, according to a senior penetration tester with security firm SecureWorks.