Content Category: News and Timely Content
News items and other timely articles on RedSense and Cyber Threat Intel.
The Importance of Defense in Depth: Lessons from the Recent CrowdStrike Outage
In the world of cybersecurity, even the most trusted tools can sometimes fail. This was underscored recently when CrowdStrike, an extremely well-regarded cybersecurity company, inadvertently pushed a software update that impacted their customers’ systems and security services. While such incidents are rare, they serve as a reminder that no single piece of hardware or software is infallible. The reality is that failures, whether system outages or missed threat identifications, though infrequent, are an inevitable aspect of cyber defense technology.
Enterprise Security Magazine Recognizes RedSense as Top Threat Intelligence Solution Provider
RedSense is proud to be named a “Top 10 Threat Intelligence Solution Provider” by Enterprise Security Magazine, a recognition that highlights our excellence in accessible cybersecurity solutions and commitment to delivering directly actionable threat intelligence. The accolade emphasizes the importance of proactive measures in combating sophisticated cyber threats, an area where RedSense excels through the seamless integration of various threat intelligence types with network telemetry, catering to both large, sophisticated enterprises and smaller organizations that prefer an outsourced, service-oriented solution,
RedSense Public Sector Safety Shield Unveiled
RedSense launched a cybersecurity solution to help state cyber command centers protect smaller public entities like schools and municipalities. The solution is built on advanced threat intelligence and network flow monitoring to identify relevant cyber threats and does not require additional hardware or software to be installed. It monitors and protects both small institutions and larger state agencies from cyberattacks.
Strategic Alliance Reduces Cyber Threat for Small and Medium-Sized Enterprises
RedSense announced our partnership with Solis to deliver unique best-in-class cybersecurity protection and incident response to small and midsize businesses. RedSense and Solis are committed to delivering robust cybersecurity protection and swift incident response, specifically targeting the small and midsize business sector.
RedSense Cyber Threat Intelligence and Team Cymru Announce Strategic Partnership
RedSense, a trusted provider of Cyber Threat Intelligence (CTI) to some of the world’s most sophisticated threat intel organizations, including prominent Global Fortune 100 firms across numerous industries, and Team Cymru, a global leader in cyber threat intelligence and digital risk management solutions, announced today the launch of a strategic partnership to deliver deep threat analysis of global internet traffic.
Cybercriminals Target Your Holiday Cheer
There is an increase in cybercrime around Christmas and New Year that can be attributed to the holiday season’s unique online behaviors and opportunities that attract cybercriminals. During this period, there’s a surge in online shopping as people rush to buy gifts, often leading to a relaxed approach to clicking links and making transactions. This frenzy makes it easier for scammers to create fake websites or send phishing emails and smishing (SMS phishing) messages that mimic popular retailers or special holiday deals, thus capturing credit card details and personal information.
No Honor Among Thieves
Recently, the RedSense HUNT team has been working to understand how adversaries train their own pentesting teams to infect a victim environment and deploy stealer malware. Our ultimate goal is to educate RedSense partners on what to expect from adversaries.
Based on what we found in instructional videos created by the adversaries themselves, we have made numerous informative discoveries, including one that shocked us and proves there really is no honor among thieves.
New RedSense Compromised Credential Service
RedSense today announced the availability of RedSense Compromised Credential Services 2.0. The new services include RedSense Credential Alert and RedSense Credential Investigator.
Posting Fullz - A Novel Trend Amongst Threat Actors
Chief Research Officer Yelisey Bohuslavskiy comments on a new trend we are seeing amongst threat actors.
Weaponizing Artificial Intelligence Large Language Models (LLMs)
RedSense looks at how adversaries are working to leverage artificial intelligence large language models (LLMs) for malicious exploits.
New RedSense Head of Product
RedSense is delighted to announce that cybersecurity industry veteran Andrew Klein has joined the team as Head of Product, including Product Marketing, Product Management and Sales Engineering. Over the last 35 years he has worked in software and security, most recently in various roles at RSA Security and NetWitness.
Unraveling BlackNET - Insights from RedSense Research
While dissecting the BlackNET botnet panel, our HUNT team uncovered significant adversarial information:
BlackNET Panel & Builder: Initially developed in 2019, the BlackNET Malware-as-a-Service (MaaS) panel serves as the operational backbone for client-side components such as stealers, bankers, and loaders. Central to this process is the botnet builder, which we’ve reversed to grasp its functionalities.
Our investigation revealed the following capabilities:
- Generate unique victim IDs and distinct hash sums for data logged in the panel.
- Specify the destination and filename for the malicious file.
- Launch this file at a predetermined time.
- Add the malicious file to the startup processes.
- Ensure the malicious file doesn’t execute in a virtual environment, providing a secure setting for file checks.
- Conceal the activity of this file.
- Encrypt data.
RedSense Grows Intelligence Operations Team
Today we proudly welcome Michael Nichols to the team!
Michael has 10 years of IT/Cyber experience, ranging from the private sector to over 5 years with the Coast Guard as a Malware Analyst.
Michael is joining RedSense as a DoD SkillBridge intern.
New Methods of Obfuscation in Fraud/Carding Community
A recent RedSense investigation has discovered a prevalent trend in cyberfraud groups: IP address obfuscation via a new cloaking methodology. The primary channels for dissemination of new methods such as this are Telegram chats, particularly channels that have a sizeable number of subscribers with technical knowledge.
Ransomware Groups Vie to Stay On Top
Ransomware groups are continuously refining and updating their strategies to remain at the forefront of successful cybercrime organizations. These groups regularly adapt to the changing cybersecurity landscape, implementing new or modified techniques to bypass defenses and exploit vulnerabilities.
The Quantum Resistance Corporation and RedSense Announce Partnership
The Quantum Resistance Corporation (QRC), post-quantum security experts, today announced a strategic partnership with RedSense, a leading threat intelligence and cybersecurity firm. RedSense will provide network security and management services for the QRC, and together RedSense and QRC will provide security for cryptocurrencies.