“Operation Cleaver” Blade Dulled
“Operation Cleaver” is an attack campaign Cylance details in a new report. They contend an Iran-based attack group has compromised hundreds of targets in multiple countries and industries. Regardless of the claims of attribution, the message is clear: well-financed, strategically focused attack groups continue to digitally plunder their targets. As a community, our decades-old approach to […]
Are Rogue Code Signing Keys in Your Environment?
Although this specific example has been exposed as part of a joke, the threat is real – code signing keys are often targeted by advanced attackers. Keys stolen during other breach operations have been used to sign malicious software. Perhaps this was inevitable – it appears the attackers behind the Sony breach are using stolen code signing keys […]
Slandering Andre Maginot
FireEye recently came out with a new report: Cybersecurity’s Maginot Line. It is an excellent report that documents findings from over 1,600 FireEye customers. Some key findings: Nearly all (97 percent) organizations had been breached, meaning at least one attacker had bypassed all layers of their defense-in-depth architecture. More than a fourth of all organizations […]