News

RedSense Cyber Threat Intelligence Now Partnered with the National Cybersecurity Center
At RedSense, we believe in investing in the future of cybersecurity. That’s why we are proud to support the National Cybersecurity Center summer camps with a donation that will equip young learners with state-of-the-art computers.
RedSense Cyber Threat Intelligence Now Integrated with Stellar Cyber Open XDR
RedSense’s industry-leading Cyber Threat Intelligence is now integrated with Stellar Cyber’s Open XDR platform, empowering security teams with smarter alerts, better incident prioritization, and faster threat response. This powerful collaboration enhances cyber defense capabilities, ensuring organizations stay ahead of emerging threats with enriched insights and streamlined workflows.
LockBit Persists
Despite the international takedown of LockBit nearly a year ago, its influence continues to shape the ransomware ecosystem. While the group itself has collapsed, its techniques, tools, and even its former members have been absorbed into other threat groups, ensuring that its legacy endures.

The Threat of Corporate Cybercrime During the Holiday Season
As the year draws to a close, businesses worldwide gear up for the bustling holiday season. However, while companies focus on closing out their fiscal years, managing holiday promotions, or preparing for reduced staff levels, cybercriminals are gearing up for their own end-of-year surge. The holiday season, including New Year’s celebrations, presents a unique and lucrative opportunity for malicious actors to exploit vulnerabilities in corporate cybersecurity defenses.

Threat Intelligence Use Cases for Legal
RedSense, in conjunction with law firm Norton Rose Fulbright, recently held a webinar exploring the potential of Cyber Threat Intelligence (CTI) in common legal and regulatory scenarios. The presentation looked at mitigating cyber risks and reducing legal exposure, ensuring compliance, and more rapidly responding to incidents involving sensitive and possibly exfiltrated data.

Enterprise Security Magazine Recognizes RedSense as Top Threat Intelligence Solution Provider
RedSense is proud to be named a “Top 10 Threat Intelligence Solution Provider” by Enterprise Security Magazine, a recognition that highlights our excellence in accessible cybersecurity solutions and commitment to delivering directly actionable threat intelligence. The accolade emphasizes the importance of proactive measures in combating sophisticated cyber threats, an area where RedSense excels through the seamless integration of various threat intelligence types with network telemetry, catering to both large, sophisticated enterprises and smaller organizations that prefer an outsourced, service-oriented solution.
RedSense Public Sector Safety Shield Unveiled
RedSense launched a cybersecurity solution to help state cyber command centers protect smaller public entities like schools and municipalities. The solution is built on advanced threat intelligence and network flow monitoring to identify relevant cyber threats and does not require additional hardware or software to be installed. It monitors and protects both small institutions and larger state agencies from cyberattacks.
Strategic Alliance Reduces Cyber Threat for Small and Medium-Sized Enterprises
RedSense announced our partnership with Solis to deliver unique best-in-class cybersecurity protection and incident response to small and midsize businesses. RedSense and Solis are committed to delivering robust cybersecurity protection and swift incident response, specifically targeting the small and midsize business sector.
RedSense Cyber Threat Intelligence and Team Cymru Announce Strategic Partnership
RedSense, a trusted provider of Cyber Threat Intelligence (CTI) to some of the world’s most sophisticated threat intel organizations, including prominent Global Fortune 100 firms across numerous industries, and Team Cymru, a global leader in cyber threat intelligence and digital risk management solutions, announced today the launch of a strategic partnership to deliver deep threat analysis of global internet traffic.
Cybercriminals Target Your Holiday Cheer
There is an increase in cybercrime around Christmas and New Year that can be attributed to the holiday season’s unique online behaviors and opportunities that attract cybercriminals. During this period, there’s a surge in online shopping as people rush to buy gifts, often leading to a relaxed approach to clicking links and making transactions. This frenzy makes it easier for scammers to create fake websites or send phishing emails and smishing (SMS phishing) messages that mimic popular retailers or special holiday deals, thus capturing credit card details and personal information.
No Honor Among Thieves
Recently, the RedSense HUNT team has been working to understand how adversaries train their own pentesting teams to infect a victim environment and deploy stealer malware. Our ultimate goal is to educate RedSense partners on what to expect from adversaries.
Based on what we found in instructional videos created by the adversaries themselves, we have made numerous informative discoveries, including one that shocked us and proves there really is no honor among thieves.

New RedSense Compromised Credential Service
RedSense today announced the availability of RedSense Compromised Credential Services 2.0. The new services include RedSense Credential Alert and RedSense Credential Investigator.
Posting Fullz - A Novel Trend Amongst Threat Actors
Chief Research Officer Yelisey Bohuslavskiy comments on a new trend we are seeing amongst threat actors.
Weaponizing Artificial Intelligence Large Language Models (LLMs)
RedSense looks at how adversaries are working to leverage artificial intelligence large language models (LLMs) for malicious exploits.
New RedSense Head of Product
RedSense is delighted to announce that cybersecurity industry veteran Andrew Klein has joined the team as Head of Product, including Product Marketing, Product Management and Sales Engineering. Over the last 35 years he has worked in software and security, most recently in various roles at RSA Security and NetWitness.

Unraveling BlackNET - Insights from RedSense Research
While dissecting the BlackNET botnet panel, our HUNT team uncovered significant adversarial information:
BlackNET Panel & Builder: Initially developed in 2019, the BlackNET Malware-as-a-Service (MaaS) panel serves as the operational backbone for client-side components such as stealers, bankers, and loaders. Central to this process is the botnet builder, which we’ve reversed to grasp its functionalities.
Our investigation revealed the following capabilities:
- Generate unique victim IDs and distinct hash sums for data logged in the panel.
- Specify the destination and filename for the malicious file.
- Launch this file at a predetermined time.
- Add the malicious file to the startup processes.
- Ensure the malicious file doesn’t execute in a virtual environment, providing a secure setting for file checks.
- Conceal the activity of this file.
- Encrypt data.

RedSense Grows Intelligence Operations Team
RedSense welcomes Mike Nichols to the intel operations (INTELOPS) team. He joins us from the Department of Defense SkillBridge program, which enables service members to transition to civilian industry through internships.

New Methods of Obfuscation in Fraud/Carding Community
A recent RedSense investigation has discovered a prevalent trend in cyberfraud groups: IP address obfuscation via a new cloaking methodology. The primary channels for dissemination of new methods such as this are Telegram chats, particularly channels that have a sizeable number of subscribers with technical knowledge.

Ransomware Groups Vie to Stay On Top
Ransomware groups are continuously refining and updating their strategies to remain at the forefront of successful cybercrime organizations. These groups regularly adapt to the changing cybersecurity landscape, implementing new or modified techniques to bypass defenses and exploit vulnerabilities.
