Newsroom Archives - Page 2 of 10

Global 500 Energy Company Repsol Selects CardinalOps to Enhance Detection Posture and Reduce Risk of Breaches

“CardinalOps delivers the breadth of security coverage that we need to fix our detection gaps, resulting in a more secure environment and efficient security operations,” said Javier García Quintela, Global CISO of Repsol.

North Korean Attackers Penetrated Russian Rocket

“It’s not surprising that nation-state attackers were able to break into the network of a Russian design bureau so they could exfiltrate sensitive information,” said Phil Neray, vice president of Cyber Defense Strategy at CardinalOps.

Cuba ransomware group observed exploiting high-severity Veeam bug

Phil Neray of CardinalOps suggests that “organizations should protect themselves by implementing granular monitoring with detections that cover all of these adversary techniques and look for unusual or unauthorized access to backups.”

Cuba Ransomware Group Exploiting Veeam Flaw in Latest Campaign

A skilled, high-profile Cuban ransomware group employed “29 different MITRE ATT&CK techniques as they navigated the kill chain from initial access to defense evasion and lateral movement,” according to Phil Neray of CardinalOps.

Critical Flaws in PowerShell Gallery Enable Malicious Exploits

Phil Neray of CardinalOps describes the Aqua Nautilus vulnerability persisting within the PowerShell Gallery as “a classic supply-chain challenge when using open source code…” Neray offers an approach to help prevent attacks.

Using Automation to Hunt for the Elusive LOLBAS

The latest LOLBAS attacks are “innovative” and “difficult to detect” according to Phil Neray, VP of Cyber Defense Strategy at CardinalOps. Detection will require “machine learning that figures out how to spot suspicious activity.”

The Gately Report: Black Hat USA Edition

The Gately Report: Black Hat USA Edition highlighted Gartner’s recognition of CardinalOps as a Sample Vendor for automated security controls assessment (ASCA) as a “revenue opportunity for partners in many different ways.”

CardinalOps Recognized in 2023 Gartner® Hype Cycle™ Report for Security Operations and in 2023 Gartner Hype Cycle Report for Workload and Network Security

Gartner concludes that “Organizations implementing ASCA processes and technologies enhance staff efficiency, minimize the impact of human errors and improve resilience in the face of organizational churn.”

Cisco Nexus 9000 Users Must Disable Encryption to Dodge Vuln

“The advisory is deliberately vague about the weakness in Cisco’s encryption algorithm that would allow an adversary to read or modify the traffic,” said Phil Neray, VP of Cyber Defense Strategy, CardinalOps.

CardinalOps to Present at Splunk .conf23 User Conference on New Approach to Measuring Detection Posture Using MITRE ATT&CK

Phil Neray, VP of Cyber Defense Strategy at CardinalOps, will discuss how the CardinalOps platform uses automation and MITRE ATT&CK to continuously ensure Splunk instances have the right detections.

Cisco Security Alert: Enterprise Switches Vulnerable to Attackers, No Updates Available

Phil Neray, CardinalOps VP of Cyber Defense Strategy, weighs in on Cisco’s security alert saying the advisory is “deliberately vague” about Cisco’s encryption algorithm weakness that would allow an adversary to read or modify the traffic.

CardinalOps’ Releases Third Annual Report Analyzing Real-World Data from Production SIEMs

CardinalOps’ third annual report analyzes real-world data from production SIEMs covering nearly 4,000 detection rules across diverse industry verticals.