Aggregator

CDA Verzekeringen Has Fallen Victim to RansomHub Ransomware

When we founded SpecterOps, one of our core principles was to build a company which brought unique insight into high-capability adversary tradecraft, constantly innovating in research and tooling. We aspired to set the cadence of the cyber security industry through a commitment to benefit our entire security community. Today, I am thrilled to announce that SpecterOps has raised $75 million in Series B funding to further our mission and strengthen our work in solving the complex problems posed by Identity Attack Paths.

We look forward to expanding the reach of BloodHound, our platform for comprehensively identifying and removing Identity Attack Paths and accelerating our contributions to the community through open-source tools and research. As we look to the future, we are growing product engineering and research teams to continue to build out attack path coverage and features in the BloodHound platform, in addition to sales and marketing teams to better serve our customers and the broader security community.

The Series B round was led by global software investor Insight Partners, with participation from Ansa Capital, M12, Ballistic Ventures, Decibel, and Cisco Investments. We are privileged to work with partners that bring strong cybersecurity expertise and, most importantly, they understand the complexity of the problem we are trying to solve. Their support will be invaluable as we continue our growth trajectory.

As corporate systems become more distributed and complex due to cloud adoption and organizational change, Identity Risk becomes increasingly prevalent. Identity services, like Microsoft Active Directory and Entra ID, become pathways into enterprise networks. These environments become extremely challenging to secure against attacks as their complexity enables exponential growth in lateral movement and escalation opportunities which are difficult to detect. Tens of thousands of user accounts and devices across multiple technology stacks, coupled with decades of built-up technical debt and misconfigurations, create Identity Attack Paths that attackers can exploit to turn initial access into complete enterprise takeover.

Strong Identity security, centered through Attack Path Management, significantly constrains attackers’ options as they gain initial footholds into the enterprise, preventing them from attaining their objectives and causing devastating business impacts. Our approach focuses on identifying the Attack Paths that matter most — the “choke points” that lead to high-value assets. Attack Path Management identifies the least disruptive configuration changes that will reduce the most risk. On average, our customers see a 40% reduction in Identity Risk in the first 30 days of implementation.

Since launching BloodHound Enterprise in 2021, SpecterOps has experienced significant growth in company headcount, new customers, and revenue. We received FedRAMP® High Authorization for BloodHound Enterprise in December 2024 and earned CREST accreditation for penetration testing services this January. Within the last year, Kevin Mandia joined us as chair of our Board of Directors, and we launched our fast-growing channel partner program to accelerate adoption of Attack Path Management to combat complex Identity Risk.

Our team exists as a collection of aspirations made real by hard work, but we also exist within the constraints of the society in which we operate. We believe that security is a fundamental right in our increasingly digital world, and our mission is to help organizations protect their most critical assets from sophisticated attackers.

I invite you to join me, along with fellow executives Jared Atkinson and Justin Kohler, for a webinar on “What’s New in BloodHound: Latest Updates and A Look Ahead” at 2 p.m. EDT on Thursday, March 20. Additionally, SpecterOps will host our annual cybersecurity conference SO-CON 2025 March 31-April 1 in Arlington, Virginia. To register for the event, visit https://specterops.io/so-con/.

We feel incredibly grateful for the partners, customers, and friends we have gained throughout our company journey, and we are excited for the next stage in our growth as we continue our work to strengthen Identity security and help organizations better protect themselves in an increasingly complex threat landscape.

Fueling the Fight Against Identity Attacks was originally published in Posts By SpecterOps Team Members on Medium, where people are continuing the conversation by highlighting and responding to this story.

The post Fueling the Fight Against Identity Attacks appeared first on Security Boulevard.

Chicago Doorways, LLC Has Fallen Victim to Qilin Ransomware

Приручив фотоны, мы сможем выпускать миллионы квантовых чипов в короткие сроки.

Schmiedetechnik Plettenberg GmbH & Co. KG Has Fallen Victim to LYNX Ransomware

The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. [...]

Best Collateral Has Fallen Victim to RHYSIDA Ransomware

Properly securing containers has never been easy, but the rise of software supply chain attacks — and new threats coming from AI — makes additional security controls essential. Threats and risks must be identified and addressed before containers are deployed, of course, but because the size and complexity of these virtual, self-contained software applications can grow enormously post-deployment, security efforts must never cease.

The post 7 container security best practices appeared first on Security Boulevard.

Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data

In our newest MixMode report, we break down how a critical infrastructure provider uncovered active nation-state and insider threats within three days of deploying our AI-driven security platform.

The post MixMode Uncovers Nation-State Attacks, Insider Threats, and Regulatory Risks in Critical Infrastructure Environment within 3 Days of Deployment appeared first on Security Boulevard.

Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions including remote management tools and cloud applications to gain initial access to organizational networks. This well-resourced and technically efficient group holds one of the largest targeting footprints among Chinese threat […]

The post Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain appeared first on Cyber Security News.

Whether we recognize it or not, anytime an incident occurs, it sets off the grieving process. But grief isn’t a bad thing: it’s how we process our emotional reactions and move on. That’s precisely what security teams need to do in the wake of a cyber incident—and you’d be surprised how well the stages of incident response map to the famous “Five Stages of Grief.” Starting with denial and moving through anger, bargaining, depression, and … More →

The post The 5 stages of incident response grief appeared first on Help Net Security.

The Health Sector Coordinating Council is kicking off a health sector mapping initiative aimed at helping the ecosystem avoid massive disruptions in the event of major cyber incidents, said Greg Garcia, executive director for cybersecurity at the Health Sector Coordinating Council.

The majority of significant attacks hitting the health sector involve unpatched vulnerabilities dating back years, a situation cybercriminals are more easily and swiftly able to exploit using AI-based tools, said Health Information Sharing and Analysis Center President and CEO Denise Anderson.

As clinicians move to a model of working anywhere - on many types of devices and under a variety of different internet environments - web browser security is a heightened concern, said John Frushour, vice president and CISO at New York-Presbyterian Hospital, and CyberEdBoard member.

Hiatus Could Embolden Moscow
Reports suggesting that the U.S. federal government is going soft on Russia in cyberspace sent shockwaves through the cybersecurity community. Resuming computer network attacks and other exploitation efforts after a pause isn't as simple as flipping a switch.

Code of Practice for Software Vendors Sets Baseline Security Expectations
A British government proposal to strengthen software supply chain security received positive feedback from vendors who said voluntary best practices could strengthen cyber defenses. The guidelines suggest requiring multifactor authentication for developers and timely vulnerability patching.

Gartner's Bart Willemsen on Need to Adopt Post-Quantum Cryptography
Nation-state adversaries will likely harvest stolen encrypted data for decryption using quantum decryption, when available. Bart Willemsen, vice president analyst at Gartner, urges enterprises to transition to post-quantum cryptography algorithms to safeguard their data.

Author/Presenter: Jeffrey Knockel, Mona Wang

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – War Stories – Breaking Network Crypto In Popular Chinese Keyboard Apps appeared first on Security Boulevard.