Forgepoint Capital’s Post

Subversion is a long-term campaign in which a threat actor- often a (or with the cooperation of a) credentialed and trusted insider like an employee, partner, or customer- abuses access to a company’s systems and data for their benefit. In our recent edition of #ForgepointTIPS, we explored this silent threat: https://lnkd.in/gJNzDGmU 📈 Most security teams understandably focus on “loud” threats like ransomware and data theft. However, threat actors can abuse trust and access to stealthily subvert company systems and data, often slipping under the radar. 🚨 When unaddressed by security posture and tooling, subversion can lead to significant impacts including long-term competitive degradation, reputational damage, and costs that match or exceed those of more immediate threats. 🔒Employ a mix of active and passive defenses to prevent, monitor, and respond to subversive threats. Thanks again to Dr. Shane Shook for his insights and to 1Kosmos, Bishop Fox, Constella Intelligence, Huntress, LYNX, SPHERE, Surefire Cyber Inc., and Symmetry Systems for helping companies prevent, detect, and respond to subversion. #forgepointfamily

RANSOM: To Pay or Not To Pay? As mentioned in the Boeing data breach, the attackers make a 'pinky promise' that they will not disclose the data exfiltrated. Double Extortion again. What are these implications for dealing with Ransomware? What does this say about the upfront, thoughtful protection and investment necessary to protect our systems? While we can never completely eliminate risk - we must do everything possible to limit the impact, when the attackers exfiltrate information. #cybersecurityleadership #cisos #ransomwareattack #ransomwareprotection From the Cybersecurity Collaborative Daily Morning Security Report https://lnkd.in/ehiVzw89

As #cybersecurity threats grow in complexity, here's how the @SECGov lawsuit against @SolarWinds changes the dynamic for all Chief Information Security Officers. https://lnkd.in/eQXxCB2n

Black Basta has swiftly made its mark in the ransomware scene, targeting over 100 enterprises across the globe and accounting for 7.2% of 2023's attacks. Known for its double extortion tactics, the group has extracted over $107 million from victims including the American Dental Association and Southern Water. Fighting ransomware requires more than traditional approaches. GYTPOL offers a smarter solution with advanced visibility and push-button remediation for security misconfigurations, SMB, RDP, LLMNR, TLS and much much more, effectively reducing misconfigurations and vulnerabilities, ultimately reducing the attack surface. 🔒 Secure your End-Point Devices. Streamline risk management. Prevent the next attack. Check out this blog: Black Basta: Adversary Analysis - Written by Will Matthews https://lnkd.in/e6H_UK9k #CyberSecurity #Ransomware #BlackBasta #EndPointSecurity #GYTPOL #securedeviceconfigurationmanagement #RiskManagement #ITSecurity Tal Kollender Tyson Hempel Paul Goldweitz Jake Dillon Yury Kissin 🇮🇱 Mark Zuk Ilan Mintz David Rummage Chris O'Connor Frank Tiano Justin M. Beard 🧔🏻Mor Bikovsky Bar Bikovsky

FS-ISAC's Navigating Cyber 2024 report is out now, shedding light on cyber threats targeting the financial industry. Stay informed and safeguard your organization's assets.

FS-ISAC's Navigating Cyber 2024 report is out now, shedding light on cyber threats targeting the financial industry. Stay informed and safeguard your organization's assets.

FS-ISAC's Navigating Cyber 2024 report is out now, shedding light on cyber threats targeting the financial industry. Stay informed and safeguard your organization's assets.

As we head into 2024, let's look back on some of the most high-profile cyber incidents that occurred in 2023 and what we can learn from them: https://loom.ly/5fwfy50 #cyberawareness #cyberintelligence #cyberincidents

According to the World Bank, more than 90% of the world’s businesses are small and medium-sized organizations, accounting for more than 50% of employment worldwide. Get the insights you need to defend against evolving threats targeting small medium business (SMBs)* by reading the Sophos 2024 Threat Report: Cybercrime on Main Street. https://gag.gl/X0HXtl