Tag Archive for: Dragos

Dragos Shares Ransomware Analysis | Manufacturing.net


While international law enforcement’s relentless efforts have resulted in arrests and the dismantling of ransomware operations, the battle against ransomware groups continues. During the fourth quarter of 2023, we witnessed a slight decline in reported incidents, yet saw a surge in actions that kept the ransomware threat landscape dynamic. 

Ransomware groups consistently adapt by evolving their strategies, embracing new techniques, and even reconfiguring or rebranding their operations to bolster their earnings and evade detection. Yet international law enforcement has achieved noticeable results against ransomware operations, arresting members of ransomware groups, such as a Ragnar Locker developer in Paris, and dismantling their infrastructure.

Additionally, the U.S. Justice Department, in collaboration with international agencies including Germany, Denmark, and Europol, disrupted the activities of the ALPHV ransomware group. The U.S. Federal Bureau of Investigation (FBI) developed a decryption tool that aided over 500 victims, preventing approximately $68 million in ransom payments. This operation is part of a broader initiative to combat major ransomware operations and apprehend key figures involved in global cyber disruptions.

As ransomware groups have consistently demonstrated their capacity to innovate and refine their methods, active groups such as LockBit, BlackCat, Royal, and Akira adopted new techniques known as remote encryption or remote ransomware during the last quarter. This technique involves compromising an endpoint connected to the victim’s network and using it to launch the ransomware attack within the victim’s environment, thereby increasing the likelihood of a successful attack.

As Dragos assessed with moderate confidence in last quarter’s blog, ransomware groups continue to prioritize zero-day vulnerabilities in their operations. This strategic focus was evident in the actions of the LockBit ransomware group as they exploited a vulnerability known as ‘Citrix Bleed’ (CVE-2023-4966) during their attacks. LockBit leveraged this flaw to hijack authenticated sessions, gaining temporary access to various…


Dragos raises $200 million in Series D round. US sanctions four spyware firms, including NSO Group.


At a glance.

  • Dragos raises $200 million in Series D round.
  • US sanctions four spyware firms, including NSO Group.

Mergers and acquisitions.

IBM Security plans to acquire endpoint threat response platform provider ReaQta. The company stated, “This move will expand IBM’s capabilities in the extended detection and response (XDR) market, aligning with IBM’s strategy to deliver security with an open approach that extends across disparate tools, data and hybrid cloud environments.”

CrowdStrike will acquire Santa Clara, California-based zero-trust security company SecureCircle. The company stated, “With this acquisition, CrowdStrike will extend its industry leading Zero Trust endpoint security device and identity capabilities to include data. The all cash transaction is expected to close during CrowdStrike’s fiscal fourth quarter, subject to customary closing conditions.”

Russian cybersecurity and antivirus firm Kaspersky has acquired Massachusetts-based SASE provider Brain4Net. Kaspersky stated, “By acquiring Brain4Net, Kaspersky aims to bring a completely new SASE offering to the market as a unified platform which will combine Kaspersky’s best-in-class security solutions and technologies with Brain4Net’s network orchestration and control capabilities and expertise. Due to this strategic move, Kaspersky will be able to offer its enterprise customers both security and connectivity services.”

New York-based cybersecurity platform provider BlueVoyant has acquired Washington, DC-based supply chain security company 202 Group. The company stated, “This acquisition will combine the capabilities of BlueVoyant’s powerful cloud-native, third-party cyber risk management solution with 202 Group’s supply chain risk management solution to create a new offering, BlueVoyant Supply Chain Command™.”

Swedish network security company Clavister has acquired AI-driven cybersecurity provider Omen Technologies (also based in Sweden). Clavister stated, “The acquisition of Omen immediately strengthens Clavister’s offering in Defence with significant identified upsell potential into the Clavister defence customer base as well as opportunities to grow amongst Omen’s attractive pipeline of customers. From a…


Dragos Industrial Cyber Security Platform