AZORult Campaign Adopts Novel Triple-Encryption Technique

thraetpost | February 03, 2020

A recent wave of AZORult-laced spam caught the attention of researchers who warn that malicious attachments associated with the campaign are using a novel obfuscation technique, in an attempt to slip past spam gateways and avoid client-side antivirus detection. What makes this campaign unique is the use by threat actors of a triple-encrypted AZORult downloader being pushed by the otherwise non-descript malspam assault. AZORult is remote access trojan popular on Russian forums and most recently spotted last month in a spam campaign perpetrated by a hacker with an affinity toward singer-songwriter Drake.

Spotlight

Tenable ranks highest in the strategy and current offering categories. “Tenable is a great choice for enterprises looking for a VRM vendor that provides strong prioritization and reporting across device types,” according to a Forrester report. We believe this report reinforces Tenable’s Cyber Exposure vision of enabling organiza

Spotlight

Tenable ranks highest in the strategy and current offering categories. “Tenable is a great choice for enterprises looking for a VRM vendor that provides strong prioritization and reporting across device types,” according to a Forrester report. We believe this report reinforces Tenable’s Cyber Exposure vision of enabling organiza

Related News

DATA SECURITY

Booz Allen Invests in Tracepoint, the industry's leading digital forensics and incident response company

businesswire | January 08, 2021

Booz Allen Hamilton reported today that it had made an essential interest in Tracepoint, a quickly developing advanced criminology and episode reaction organization serving driving customers in general society and private areas. The organization, helped to establish by Baton Rouge-based Plexos Group and a few industry specialists, has some expertise in supporting digital protection transporters, legal counselors, intermediaries, and their customers through emergencies. The speculation declared today upgrades the capacity of both Tracepoint and Booz Allen to safeguard customers against a developing number of incapacitating digital dangers. “This past year has been dominated by increasingly sophisticated cyber attacks, from the evolution of ransomware business models to a surge in attacks related to remote work,” said Bill Phelps, executive vice president and leader of the firm’s global commercial business. “Organizations must be able to detect, respond, and remediate the most consequential cyber threats to fully capitalize on the benefits of digital transformation. This investment in Tracepoint is part of our broader commitment to delivering comprehensive cyber services and solutions to ensure business resiliency for our global client base.” This speculation supplements Booz Allen's current network safety portfolio, which underpins numerous Fortune 100 and Global 2000 customers, just as essentially every U.S. protection and government office. Booz Allen's administration in online protection keeps on developing. The association's training was as of late positioned by Frost and Sullivan as having the biggest piece of the pie in Managed and Professional Security Services in the Americas. The association's business conveys progressed digital administrations for customers across various enterprises, including monetary administrations, wellbeing and life sciences, energy, transportation, and assembling. “Both of our organizations, Tracepoint and Booz Allen, are dedicated to helping clients defend against and respond to some of today’s most sophisticated and determined cyber actors,” said Chris Salsberry, Tracepoint’s chief executive officer. “We're excited to have Booz Allen, a recognized cybersecurity leader, as an investor and partner. Their support helps elevate and grow our incident response capabilities. As we’ve seen across client engagements, organizations must relentlessly prepare for a cyber incident to reduce their risk.” This venture follows the new expansion of Andrew Turner, the previous boss security official for Fidelity National Information Systems, as a Booz Allen chief VP and market methodology pioneer in the company's worldwide business and imprints a significant advance in Booz Allen's continuous procedure to extend the company's worldwide business. The profound skill of Booz Allen professionals is procured through continuous digital activities, driving edge specialized developments, basic huge scope occurrence reactions, and progressed digital danger insight. “Cybersecurity is a business-enabling function that directly affects an organization’s potential to deliver to the bottom line,” said Jerry Bessette, a Booz Allen senior vice president and leader of the firm’s commercial strategic readiness and incident response team. “Tracepoint has a proven track record of helping clients respond to attacks with resiliency and we’re proud to invest and enhance these incident response capabilities. A growing array of domestic and international cyber threats means that having tested plans in place to mitigate threats will only become more of a business imperative.” Regarding the exchange, Booz Allen held Goldman Sachs and Co LLC as monetary consultant and King and Spalding LLP as legitimate guide. Tracepoint held Raymond James and Associates, Inc. as monetary counselor and Holland and Knight, LLP as lawful guide. Terms of the venture were not uncovered. About Booz Allen For more than 100 years, military, government and business leaders have turned to Booz Allen Hamilton to solve their most complex problems. As a consulting firm with experts in analytics, digital, engineering and cyber, we help organizations transform. We are a key partner on some of the most innovative programs for governments worldwide and trusted by its most sensitive agencies. We work shoulder to shoulder with clients, using a mission-first approach to choose the right strategy and technology to help them realize their vision. With global headquarters in McLean, Virginia, our firm employs about 27,600 people globally as of September 30, 2020 and had revenue of $7.5 billion for the 12 months ended March 31, 2020.

Read More

DATA SECURITY

Area 1 Security and SolCyber Partner to Deliver the Only Managed Preemptive Cloud Email Security to the Midmarket

Area 1 Security | October 22, 2021

Area 1 Security has been selected as the primary cloud email security provider for all customers of SolCyber, the first modern MSSP for the midmarket. Area 1's industry-first preemptive cloud email security stops phishing campaigns 24 days (on average) before they launch — keeping inboxes clean of threats that cause 95% of cybersecurity incidents. The SolCyber and Area 1 partnership brings best-in-class email protection to midsize organizations, which are increasingly targeted by phishing attacks. According to a recent survey by RSM US LLP in partnership with the U.S. Chamber of Commerce, 45% of mid-market executives said that social engineering attacks were successful last year — despite 90% of their organizations providing security awareness training. Additionally, 33% of mid-market executives disclosed that they experienced a ransomware attack or demand in 2020. The implications for mid-market organizations — which typically have fewer in-house resources and specialty expertise compared to larger organizations —are significant and costly. In fact, of the mid-market businesses that have experienced a cyberattack, 63% are unable to resume normal business operations for over a month. In one 12-month period, Area 1 Security prevented more than half a billion dollars in direct losses for its customers, including some of the world's largest healthcare, financial services, retail and consumer goods brands. Its cloud-scale solution is one of the core components in SolCyber's Foundational offering, a simple-to-implement curated technology stack, which also includes endpoint with EDR capabilities, lateral movement detection, and active directory and admin exploitation prevention. We're very excited about our partnership with Area 1 Security. They have an amazing web crawling infrastructure that gives early warning protection that really matters to our customers. It's not often you can find a preemptive security technology that really works, and provides immediate value,Our customers want to stop ransomware and other cyber threats to their businesses. Period. But they typically don't have the time or resources to build a mature security posture on their own. Area 1 fits seamlessly into our Foundational Coverage, it deploys in minutes and is highly scalable, accelerating our customers' time to realize true value. SolCyber CEO Scott McCrady "We are thrilled to partner with a modern MSSP with an extremely user-friendly model. Like Area 1, SolCyber is committed to making it easy for organizations of all sizes to deploy best-in-class cloud-based security," said Steve Pataky, chief revenue officer of Area 1 Security. "We look forward to getting all of SolCyber's customers to INBOX.CLEAN™ — an inbox free of ever-evolving threats that defraud companies of data, dollars and brand confidence." About SolCyber SolCyber, a ForgePoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are streamlined, accessible and affordable for any organization. SolCyber is disrupting the status quo, by providing a new standard of managed security services that work to reduce cyber risk, wastage and complexity. We believe in a secure environment for all. For more information about SolCyber, visit solcyber.com or follow us at @SolCyberMss or on LinkedIn. About Area 1 Security Area 1 Security is the only company that preemptively stops Business Email Compromise, malware, ransomware and targeted phishing attacks. By focusing on the earliest stages of an attack, Area 1 stops phish — the root cause of 95 percent of breaches — 24 days (on average) before they launch. Area 1 also offers the cybersecurity industry's first and only performance-based pricing model, Pay-per-Phish. Area 1 is trusted by government agencies and Fortune 500 enterprises across financial services, healthcare, critical infrastructure and other industries, to preempt targeted phishing attacks, improve their cybersecurity posture, and change outcomes.

Read More

Innovative partnership established by CyberSecure and Tellabs to provide unparalleled network security

prnewswire | October 07, 2020

CyberSecure IPS and Tellabs have announced a global, go-to-market partnership with far-reaching consequences for the network technology and security industries. As part of the alliance, CyberSecure's Unified Cyber-Physical Protection will be added to the portfolio of Enterprise, Broadband and Network products and services offered by Tellabs. Tellabs clients, including service providers, government agencies, hospitals, schools, and residences, will now have the option to complement industry-leading Optical LAN technologies with best-in-class cyber-physical protection.

Read More