CISA Alert (AA22-321A) - Hive Ransomware Analysis
Threat actors are using Hive ransomware variants to target the government, communication, critical manufacturing, information technology, and healthcare sectors.
Initial access is carried out with phishing emails or by exploiting flaws in Internet facing applications.
The adversaries exfiltrate sensitive information prior to encrypting files and threatens to release the stolen data if the ransom is not paid.
Featured Resources
blog
Out of Sight, Beneath the Surface: Exploring Delegated Admin Risks in AWS Organizations
How Chaining Delegated Admin with a Mis-scoped Managed Policy Allowed Escalation from a Compromised Account to Full AWS Organization Control
E-book
Optimize Your Cyber Defenses with Exposure Validation
CTEM guidance built around exposure validation to surface real exposures, strengthen existing controls, and reduce uncertainty
blog
AI and ML for SIEM: The New Standard in SOC Defense
Traditional SIEM systems, while foundational to enterprise security operations, can reach a limit in increasingly-complex environments. As organizations face more