EDR Archives - Cyber Security Minute

The Defense Window is Closing: Why Declining Dwell Times Is Concerning

Issued by: CSO Online

While ransomware still dominates the threat landscape, recent Sophos research finds attacker dwell time decreased in 2022, from 15 to 10 days, for all attack types. For ransomware cases, the dwell time decreased from 11 to 9 days, while the decrease was even greater for non-ransomware attacks. The dwell time for the latter declined from…

Malware & Threats

ChatGPT creates mutating malware that evades detection by EDR

Issued by: CSO Online

A global sensation since its initial release at the end of last year, ChatGPT’s popularity among consumers and IT professionals alike has stirred up cybersecurity nightmares about how it can be used to exploit system vulnerabilities. A key problem, cybersecurity experts have demonstrated, is the ability of ChatGPT and other large language models (LLMs) to…

Malware & Threats

Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike’s Heels

Issued by: Dark Reading

The post-exploitation tools market has chalked up a newcomer with the emergence of Exfiltrator-22. An upstart alternative to Cobalt Strike, the Exfiltrator-22 framework-as-a-service (FaaS) tool set, first seen in December, was “likely” developed by ex-affiliates of the notorious LockBit ransomware gang, according to researchers. According to a Cyfirma report on Feb. 28, Ex-22 possesses advanced…

Malware & Threats

Ransomware protection with Malwarebytes EDR: Your FAQs, answered!

Issued by: Malwarebytes

We get a few questions about ransomware protection and how our Endpoint Detection and Response software can protect you from ransomware. In this post, our security experts answer some of your most frequently asked questions about ransomware and how our EDR can help—let’s get started. Q: When considering an EDR solution, what anti-ransomware features should…

Application Security

Demo: Your data has been encrypted! Stopping ransomware attacks with Malwarebytes EDR

Issued by: Malwarebytes

It’s no secret that ransomware is one of the most pressing cyber threats of our day. What worse, ransomware gangs have increased their attacks on a range of vulnerable industries, with disruptions to business operations, million-dollar ransom demands, data exfiltration, and extortion. With Malwarebytes Endpoint Detection and Response, however, you can fight—and defeat—advanced ransomware that…

Network Security

How to choose an XDR vendor | Kaspersky official blog

Issued by: Kaspersky Blog

XDR (Extended Detection and Response) technology has already become one of the most conspicuous in the cybersecurity market. Its main advantage is its comprehensive approach to countering sophisticated cyberattacks. This is achieved by maximizing control over potential entry points and through the use of top-of-the-line tools for incident detection, threat hunting, investigation and response within…

Network Security

Want to Modernize Your SOC? Start with Data

Issued by: Security Week

I’ve discussed before how Security Operations Centers (SOCs) are now becoming detection and response organizations. But like most transitions, that shift doesn’t happen overnight. Three different areas need to be addressed – data, systems and people. Many organizations today deal with data that is noisy and unstructured, decentralized without prioritization, and managed with spreadsheets. Their…

Cloud Security, Network Security

Reinventing Managed Security Services’ Detection and Response

Issued by: Security Week

Managed security services are undergoing a timely and significant transformation, armed with new hyperscalable technology stacks, hybrid enterprise and cross-cloud protection complexities, and a demand to evolve from 24/7 eyes-on-glass into hands-on customer-integrated early warning and response. If it wasn’t a tired industry cliché we’d probably be adding “next-generation” or NG prefixes to many of…