The average time it takes threat actors to move from initial access to lateral movement has fallen by 67% over the past year, putting extra pressure on security operations (SecOps) teams, according to CrowdStrike. The findings come from the security firm’s own investigations with customers across around 248,000 unique global endpoints. For incidents where this “breakout time” could be derived over the past year, it averaged just 1 hour 32 minutes. However, in over a third (36%) of…

Tim Berners-Lee has joined the advisory board of ProtonMail, just days after the encrypted email service was criticized for unmasking the identity of a user for French police. The worldwide web inventor was a scientist at the European Organization for Nuclear Research (CERN) at the same time as ProtonMail CEO Andy Yen, and helped to sketch the initial plans for what is now the world’s largest encrypted email service, with over 50 million users. “I’m…

Co-authored with Intel471 and McAfee Enterprise Advanced Threat Research (ATR) would also like to thank Coveware for its contribution. Executive Summary McAfee Enterprise ATR believes, with high confidence, that the Groove gang is associated with the Babuk gang, either as a former affiliate or subgroup. These cybercriminals are happy to put aside previous Ransomware-as-a-Service hierarchies to focus on the ill-gotten gains to be made from controlling victim’s networks, rather than the previous approach which prioritized…

For many years, there was a wide misunderstanding that encrypting some data is equivalent to protecting that data. If it’s encrypted, so the thinking goes, nobody else could access it, and it is therefore safe. While it is critical to encrypt data at rest as well as in transit, the job of protecting data goes much deeper. Encryption can mitigate risk from certain attack scenarios such as physically compromised hardware or a tapped network link,…

For many years, there was a wide misunderstanding that encrypting some data is equivalent to protecting that data. If it’s encrypted, so the thinking goes, nobody else could access it, and it is therefore safe. While it is critical to encrypt data at rest as well as in transit, the job of protecting data goes much deeper. Encryption can mitigate risk from certain attack scenarios such as physically compromised hardware or a tapped network link,…

Technology is not the only answer: An expert suggests improving the human cyber capacity of a company’s workforce plus cybersecurity technology offers a better chance of being safe. Image: iStock/vadimrysev Risk resulting from a cybersecurity event affects the entire organization. “As such, the cyber workforce—those responsible for preventing and responding to an attack—are no longer limited to just ‘the geeks in the basement,’” said James Hadley, CEO and founder of Immersive Labs, in an email…