Jun 8, 2023
|
By Kaustubh Jagtap
On June 7th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory highlighting the recent efforts of threat actors to disseminate CL0P ransomware. The various malicious indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) being leveraged by the threat actors are listed in US-CERT Alert (AA23-158A) – CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability.
Jun 6, 2023
|
By SafeBreach
In our first post on using BAS in an operational technology (OT) environment, we provided an overview of a typical converged IT/OT network, the trends that were driving increased cyber risk for industrial asset owners, and a high-level discussion of how BAS can help provide better visibility and protection across the converged environment.
May 30, 2023
|
By Melissa Goldberger
If you’ve met me, you know I’m pretty direct, so I’m going to preface this whole post by saying: yup, this is being written by a marketer. As SafeBreach’s CMO, I know that going to RSA means being crushed by the immense force of vendors trying to stand out and in some cases using gimmicks. We’re certainly a part of that: did anyone get their tarot read at our booth this year?
May 25, 2023
|
By Kaustubh Jagtap
On May 24th, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), United Kingdom National Cyber Security Centre (NCSC-UK) and the Australian Cyber Security Centre (ACSC) along with their private sector partners recently discovered a cluster of activity of interest associated with a People’s Republic of China
Featured Post
May 19, 2023
|
By Avishai Avivi, CISO
The cybersecurity landscape has changed almost beyond recognition. Cyber attacks, have grown into an inescapable facet of our daily lives. Everyone, from the world's most powerful people to general consumers, live under the spectre of cyberattacks. Cyberattacks also creep into the military sphere, with the threat of all-out cyber warfare looming large over conflicts across the globe.
May 17, 2023
|
By Kaustubh Jagtap
On May 16th, Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) released an advisory highlighting the various malicious indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) being leveraged by the BianLian ransomware group.
May 12, 2023
|
By Kaustubh Jagtap
On May 11th, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released an advisory highlighting the active malicious exploitation of CVE-2023-27350 in PaperCut MF and PaperCut NG software by a threat actors including one known as the Bl00dy Ransomware Gang. The US-CERT Alert (AA23-131A) Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG includes detailed information about this investigation (along with attacker TTPs and IOCs).
May 10, 2023
|
By Kaustubh Jagtap
The Cybersecurity and Infrastructure Security Agency (CISA) shared the findings of an investigation by numerous cybersecurity agencies worldwide on May 9th, exposing the malicious cyberespionage operations carried out by the Russian FSB utilizing the “Snake” malware. The US-CERT Alert (AA23-129A) Hunting Russian Intelligence “Snake” Malware provided information about this investigation and takedown (along with attacker TTPs and IOCs).
May 4, 2023
|
By SafeBreach
You can’t predict the future, but you can prepare for it. When it comes to IT (and OT), security validation is the closest to predicting the future as you can get. This is the second post in our series “Demystifying Security Validation Technologies: What You Need to Know,” in which we break down a number of security validation methods available today, provide the strengths and weaknesses of each, and explain how each functions in different IT environments.
May 2, 2023
|
By Kaustubh Jagtap
Enterprise security operations teams find it increasingly difficult to maintain a hardened posture against advanced network and cloud threats. Given the rapid adoption of cloud platforms and software-as-a-service (SaaS) tools, cloud application traffic has overtaken web traffic to dramatically expand the attack surface. As a result, overreliance on traditional security controls can lead to increased blind spots, and control misconfigurations can create significant business risks.
May 19, 2023
|
By SafeBreach
Today's CISOs and security teams must constantly validate security controls to identify gaps, remediate misconfigurations, and optimize performance against a rapidly increasing threat landscape. Breach and attack simulation (BAS) solutions-designed to continuously test the effectiveness of security controls and identify potential vulnerabilities-have emerged as a powerful tool to help organizations navigate this new reality. But not all BAS platforms are created equal.
May 19, 2023
|
By SafeBreach
The mission of today's security teams is clear: protect the company from emerging cyber threats. What's less clear is how to ensure stakeholders understand the impact of their programs. Traditional security reporting focuses on threats and vulnerabilities and how many were stopped and prevented, but non-technical stakeholders-who are concerned with the business's bottom line and how these threats can impact business continuity-need to know how these activities translate to tangible business values. As risk is tied to revenue, security teams need a simple way to understand and share the real efficacy of their programs with their stakeholders.
May 1, 2023
|
By SafeBreach
There are a number of security validation methods available on the market today, but each has different uses and functions. And, not all of them are appropriate in every IT environment. As a result, many organizations waste time and resources on technologies or approaches that may work well for others, but aren't a good fit for their specific use case.
May 1, 2023
|
By SafeBreach
Starting a red-team program but not sure where to begin? Looking to improve your existing red-team operation? Before getting too far in the cyber weeds, go back to the basics with "The Fundamentals of Modern Cybersecurity Red Teaming."
Apr 1, 2023
|
By SafeBreach
2022 saw a dramatic increase in the prevalence, severity, and impact of cyberattacks, presenting a striking new reality for CISOs and their security teams. They were-and continue to be-in a constant race against time to improve security and performance.
Apr 1, 2023
|
By SafeBreach
Modern SOCs are complex environments with dozens of tools, overlapping teams, and a constantly growing attack surface to protect. To combat these challenges and keep up with the rapidly evolving threat landscape, security leaders must constantly strive to improve SOC efficiency and keep team members engaged.
- June 2023 (2)
- May 2023 (13)
- April 2023 (7)
- March 2023 (3)
- February 2023 (4)
- January 2023 (2)
- December 2022 (5)
Combining the mindset of a CISO and the toolset of a hacker, SafeBreach is the pioneer in breach-and-attack simulation (BAS) and is the most widely used platform for continuous security validation. SafeBreach continuously executes attacks, correlates results to help visualize security gaps, and leverages contextual insights to highlight remediation efforts.
With its Hacker’s Playbook™, the industry’s most extensive collection of attack data enabled by state-of-the-art threat intelligence research, SafeBreach empowers organizations to get proactive about security with a simple approach that replaces hope with data.
Unleash the power of your security controls to drive down risk.
- Attack with Purpose: Execute real-world attacks safely and continuously to identify what your security controls will prevent, detect, or miss.
- Analyze with Real-Time Data: Gain a quantitative view of your security posture by visualizing security-control performance data that’s not available anywhere else.
- Remediate with Intention: Review actionable data to quickly identify gaps, expedite remediation, and efficiently reduce risk.
- Report with Confidence: Communicate to key stakeholders with clear insights to quantify risk, prioritize investments, and ensure strategic alignment.
Gain visibility across the entire cyber kill chain.