William Crowell’s Latest Foray: Cybersecurity Governance At [redacted]

Forbes.com - October 19, 2021

[redacted] (the company’s actual name is [redacted], Inc.), a cyber defense company, has just appointed a former Deputy Director of the National Security Agency to the company’s board. William Crowell has been active in the field of public and private information security for decades

Cyber Private Eyes Go After Hackers, Without Counterattacking

Wall Street Journal - October 18, 2021

Companies hit by hackers typically limit themselves to playing defense to comply with a federal law against invading someone’s computer. But some specialist cybersecurity firms say they can pursue criminals without launching their own attacks. Most cybercrimes in the U.S. fall under the Computer Fraud and Abuse Act, a 1986 law that prohibits unauthorized access of computer systems. The law effectively places offensive cybersecurity actions solely in the hands of the federal government.

Twitch is breached. MalKamak: a newly described Iranian threat actor. Chinese cyberespionage against India. SafeMoon phishbait. The ransomware threat. What counts as compromise.

thecyberwire.com - October 6, 2021

Twitch is breached. A newly discovered Iranian threat group is described. A Chinese cyberespionage campaign in India proceeds by phishing. SafeMoon alt-coin is trendy phishbait in criminal circles. As the US prepares to convene an anti-ransomware conference, Russian gangs show no signs of slacking off. Betsy Carmelite from BAH on AI/ ML in cyber defensive operations. Our guest is Adam Flatley of Redacted with recommendations from the Ransomware Task Force. And observations on what counts as compromising material.

How Insurers Play a Big Role in Spurring Cybercrime

MarketWatch.com - October 1, 2021

Organizations with cyberinsurance are more than twice as likely to pay ransoms as those without, according to a global survey commissioned by U.K.-based cybersecurity and software firm Sophos of 1,823 companies, governments, health systems, and other organizations that had been hit by ransomware. This is one of the first times such data have been gathered that show the extent of the relationship between cyberinsurance and ransomware payments. Critics say that relationship helps fuel a ransomware economy that the federal government estimates causes $445 billion in damages to the global economy every year.

Barron's How Insurers Play a Big Role in Spurring Cybercrime

Barrons.com - October 1, 2021

Ransomware extracted $18 billion in payments last year, and it’s expected there will be an attack every 11 seconds by this year’s end, a problem that some security experts and academic researchers say is exacerbated by the system meant to protect against cybercrime: the insurance industry. Organizations with cyberinsurance are more than twice as likely to pay ransoms as those without, according to a global survey commissioned by U.K.-based cybersecurity and software firm Sophos of 1,823 companies, governments, health systems,...

Paying Hackers’ Ransom Demands Is Getting Harder

DataCenterKnowledge.com - September 26, 2021

If your data center's ransomware recovery plan is to pay off the hackers with cryptocurrency, it's time to rethink your strategy as regulators crack down. Today, every data center manager should be aware of the dangers of ransomware and have a disaster recovery plan that doesn't involve paying hackers’ ransomware demands.

Treasury Sanctions Russian Crypto Exchange

Infosecurity-Magazine.com - September 21, 2021

The US Treasury has added a Russian cryptocurrency exchange to its sanctions list after claiming the firm helped facilitate ransomware payments for countless groups. SUEX is incorporated in the Czech Republic but reportedly operates out of Russia. The Treasury estimated that 40% of its transaction history is associated with “illicit actors.”

Infamous ransomware gang REvil returns to the dark web

SiliconANGLE.com - September 8, 2021

Infamous ransomware gang REvil has returned to the dark web, the shady corner of the internet reachable with special software, after disappearing in July amid pressure from the U.S. government on Russia to act on ransomware groups operating in the country. REvil, also known as Sodinokibi, was before its disappearance a prolific ransomware group linked to dozens of attacks. Its most high-profile attack before going dark involved targeting companies using information technology management software from Kaseya Ltd.

Paying ransom should be your last resort, cybersecurity expert says

TechRepublic - August 30, 2021

Paying ransom should be your last resort, cybersecurity expert says Some organizations can get by without paying in a ransomware attack, but others really have no choice, he says.

Expert: Governments and businesses must come together to combat ransomware threat

TechRepublic.com - August 30, 2021

Nations have to stop sheltering bad actors in order to stop them, expert says. TechRepublic's Karen Roby spoke with Adam Flatley, director of threat intelligence for Redacted, a cybersecurity company, about the future of cybersecurity. The following is an edited transcript of their conversation.

Ransomware: To pay or not to pay? That's the question

Zdnet.com - August 18, 2021

Tonya Hall interviews Adam Flatley, director of threat intelligence at Redacted Inc., about the options businesses have when facing a ransomware attack

Ransomware: Moving from defense to offense

zdnet.com - August 18, 2021

Tonya Hall talks to Adam Flatley, director of threat intelligence at Redacted Inc.,about what has been missing in anti-ransomware plans.

BankInfoSecurity Advisory Describes Chinese Attackers' Tactics

bankinfosecurity.com - July 19, 2021

Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50 tactics, techniques and procedures that Chinese state-sponsored cyberattackers are using to target organizations in the U.S. and allied nations. The Chinese attack techniques outlined in the report include exploiting well-known vulnerabilities in widely used applications, such as Pulse Secure, Apache, F5 Big-IP and Microsoft products.

US State Department offering $10 million reward for state-backed hackers

zdnet.com - July 15, 2021

The State Department announced a $10 million reward for any information about hackers working for foreign governments. The measure is aimed squarely at those participating in "malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act." Officials said in a release that this included ransomware attacks targeting "critical infrastructure."

Clop Raid: A Big Win in the War on Ransomware?

threatpost.com - June 17, 2021

esterday’s noisy raid of the Clop ransomware gang in Ukraine was a major win according to most experts throughout the cybersecurity community, who said the moment marks a shift in the international war on ransomware. The raid, according to Ukrainian reports translated by eSpire analysts, included the arrests of six people in Kiev, the seizure of $185,000 in cash, a Tesla, a Mercedes and their computer equipment. Those arrested face up to eight years in prison, the records s

US Warns Russia of Cyber-Attack No-Go List

infosecurity-magazine.com - June 17, 2021

President Biden and his team have warned the Putin administration of 16 critical infrastructure entities that are off-limits for threat actors operating from Russia. The news came as the two leaders sat down in Geneva for a summit which Biden said was designed to ensure a “stable and predictable” relationship between countries following the turmoil of the Trump years.

After Nearly 6 Years, SMB Cybersecurity Provider Redacted Emerges From Stealth With $35M

Crunchbase - June 1, 2021

San Francisco-based cybersecurity provider Redacted officially emerged from stealth with a $35 million Series B to help small and medium-sized businesses be more secure.

Redacted comes out of stealth with $60M in funding and a new take on fighting cybercrime

techcrunch - June 1, 2021

Today a startup called Redacted is coming out of stealth with a different approach to tackling malicious activity — it applies threat intelligence, and then proactively goes after the hackers to recover data loss and disrupt their activities

[redacted] Closes $35M in Series B Funding to Disrupt Adversaries and Hold Attackers Accountable

Businesswire - June 1, 2021

Former Facebook CSO, NSA and CIA Operatives Team Up to Level the Playing Field for Organizations against Attackers