Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Building Resiliency in the Face of Ransomware

Ransomware remains one of the biggest security threats in 2024. This follows a concerning resurgence in 2023, where more than $450 million in ransomware payments were reported in the first half of the year alone. The proliferation of Ransomware-as-a-Service (RaaS) and the subsequent attacks against a variety of businesses—from the smallest start-up to the most powerful multinational—reinforce what security professionals already know: ransomware is not going away.

Replicating Realistic Threat Behavior is Critical to Red Teaming, But It Doesn't Have to Be Complicated

Organizational red teams are tasked with the critical responsibility of ensuring preparedness against real-world threats. But the ability to accurately replicate complex threat behavior can often be resource-intensive, expensive, and difficult to operationalize. As sophisticated threat actors continue to evolve their attack patterns, replicating this rapidly changing behavior can become nearly impossible.

How a Fortune 500 data company leveraged SafeBreach to transition to 100% cloud

When a large data company decided to migrate their systems fully to the cloud, their cybersecurity team knew it would be a challenge. The company’s senior security architect put it succinctly: “Our CTO said, we’re going completely to cloud. Everyone buckle up.” Though the organization had assets in the cloud for many years, the team wasn’t sure they were ready to be 100% in the cloud from a security standpoint.

SafeBreach Coverage for AA24-060A (Phobos Ransomware) and AA24-060B (Ivanti Connect Secure)

On February 29th, the Cybersecurity and Infrastructure Security Agency (CISA) issued two separate advisories related to malicious behavior exhibited by threat actors. The first advisory AA24-060A pertains to Phobos Ransomware and the second advisory AA24-060B pertains to the exploitation of vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways.

ALPHV Blackcat, GCP-Native Attacks, Bandook RAT, NoaBot Miner, Ivanti Secure Vulnerabilities, and More: Hacker's Playbook Threat Coverage Round-up: February 2024

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats, including those based on original research conducted by SafeBreach Labs. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook™ to ensure coverage against these advanced threats.

State Government Organization Network Breach: SafeBreach Coverage for US-CERT Alert (AA24-046A)

On February 15th, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) issued an advisory highlighting the results of their incident response investigation into a state government organization’s network whose sensitive data including host/user details and other pertinent metadata were posted to the dark web.

Volt Typhoon: SafeBreach Coverage for US-CERT Alert (AA24-038A)

On February 7th, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) issued an urgent advisory to warn about the possibility of People’s Republic of China (PRC)-affiliated threat actors seeking to execute disruptive or destructive attacks by positioning themselves on IT networks belonging to critical infrastructure entities.

Androxgh0st Malware: SafeBreach Coverage for US-CERT Alert (AA24-016A)

On January 16th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory to highlight the ongoing malicious activities by threat actors deploying the Androxgh0st Malware. Detailed information about these activities and the associated indicators of compromise (IOCs) and the various tactics, techniques, and procedures (TTPs) is listed in Known Indicators of Compromise Associated with Androxgh0st Malware.

SafeBreach 2023 Year in Review: Reflections from Co-Founder & CEO Guy Bejerano

First, let me say happy new year! The holiday season has come and gone—seemingly overnight—and just like that, 2024 is well underway. At SafeBreach, we are eagerly looking to the new year and all that it will bring, including new goals and new opportunities to empower customers with greater visibility into the efficacy of their security tools and programs.