David Swift : Thu, Jan 05, 2023 @ 05:34 AM
At Netenrich, part of what we’re doing is looking "left of bang." Bang (!) is geek speak for when we see detonation of malicious content. What happens before the compromise that makes us more likely to get hacked? We call it situational awareness. At any point along the way in a correlated series of events leading to a compromise, we can take action and remove the risk before bang.
Consider a few common scenarios where situational awareness and action prior to compromise could change the outcome:
As we extend situational awareness and tie events to active threat campaigns and exploits known to be in the wild — see Netenrich Knowledge Now (KNOW) for a free “trending threats” feed — we go one level deeper and can predict the “Likelihood” of an exploit.
How? By combining knowledge about the asset, its vulnerabilities, the number of exploits in the wild that leverage those vulnerabilities, and the actors and campaigns using those exploits. We can even map a customer’s business type to the campaigns targeting that vertical.
Netenrich combines auto-discovery of assets linked to a domain, vulnerabilities, and public information into Attack Surface Intelligence (ASI)* to surface public security risks and exposures prior to exploit.
And if you need help, we offer vulnerability management services (vulnerability scanning/asset discovery) and digital management services (patch management and proactive asset resolution).
On the CIS 18 Critical Security Controls list, asset inventory holds the #1 and #2 spots. If you don’t have a plan for asset discovery, inventory, and risk profiling — in other words, a “left of bang” plan to improve situational awareness — you might get burned by your auditors, or have a cybersecurity insurance renewal or claim denied because you didn’t follow best practices. And that’s even if you don’t get hacked.
In the next installment in this series, I’ll lay out some common threat scenarios and show what we can detect.
*Please note, Attack Surface Intelligence (ASI) is now known as Attack Surface Exposure (ASE). For more information, please contact us.