risk3sixty

??Yesterday, Google acquired Wiz, a cybersecurity startup, for $32 billion. This is Google's largest acquisition to date, especially as they continue to ramp up their cloud computing business. ?? Wiz is Google's largest acquisition to date, especially for a young company. ?As part of Google Cloud, this will boost their cybersecurity solutions offerings as it competes against Amazon and Microsoft. In 2024, Google attempted to acquire Wiz for $23 billion, but was rejected. Now that #Google has acquired Wiz, how will this benefit them? Takeaways: ??? Google already offers a number of #security options, such as Google SecOps. ?? Wiz will continue to be available across other major #cloud services ("multi-cloud"), including their current partners (Azure, Oracle, AWS, and others). ?? As competition around #AI grows, this acquisition will help Google expand their cloud computing business and increase competition. Learn more about Google's acquisition of Wiz in the links in the comments below. ??

???????? ????????????????: ???????????? ?????? ???????????????????? ???????????????????? ????????’?? ?????????????? Join us for a hands-on workshop where our Offensive Security team will break down real-world techniques used to infiltrate, exploit, and ransom organizations. You’ll get an inside look at how attackers operate and how to defend against them. What you’ll learn: - How groups like Blackbasta gain initial access - Common attack techniques and evasion tactics - Defensive strategies to detect and mitigate these threats Why attend? - Combination of presentation, live demonstrations, and hands-on lab exercises - Practical skills to detect, prevent, and respond to ransomware threats - 3.0 CPE credits available for those that attend ?? Date: Thursday, March 27th ?? Time: 9am Get the details, agenda and secure your spot: https://hubs.ly/Q03bxglZ0 This is a must-attend for those who take cybersecurity seriously. Learn how to stop ransomware before it stops you. #CyberSecurity #Ransomware #BlackBasta #RedTeam #ThreatIntel

Story Time: What a Physical Penetration Test Revealed About Security ?? Jason had two decades of experience in security. His financial institution had top-tier locks, cameras, and badge systems. But when it came to real-world security—how easy was it to actually get in? Enter Nick—better known in security circles as The Mold King of Philadelphia. His mission? Walk into a high-security financial office, gain access to the SWIFT terminal, and walk out undetected. A clipboard, a fake work order, and confidence. That’s all it took to stroll past employees who didn’t question his presence. ?? The Takeaway? Technology alone isn’t security. Jason’s team learned the hard way—but at least it was before a real attacker got in. Read the full story below. #Cybersecurity #RedTeam #PhysicalSecurity #OffSec

Possible Backdoor Found in Millions of Programmable Chips, Akira Ransomware Gets Smart, Update on $1.5B Bybit Crypto Theft ? ?? Get the 2025 Cybersecurity Trends Report: https://lnkd.in/ePxRgNQB ?? Possible Backdoor Found in Millions of Programmable Chips? Researchers from Tarlogic Security have uncovered undocumented commands within Espressif's widely-used ESP32 microcontroller, which facilitates Wi-Fi and Bluetooth connectivity in over a billion IoT devices. These hidden commands could enable attackers to spoof trusted devices, gain unauthorized data access, infiltrate other networked devices, and potentially establish persistent infections on critical equipment, including smartphones, computers, smart locks, and medical devices. The findings were presented at RootedCON in Madrid, highlighting significant security concerns for a vast array of consumer and industrial applications. ?? Akira Ransomware Gets Smart? In a recent incident, the Akira ransomware gang exploited an unsecured webcam to bypass a company's Endpoint Detection and Response (EDR) system. After initial attempts to deploy ransomware were thwarted by the EDR, the attackers scanned the network and identified a vulnerable webcam running a Linux-based operating system without EDR protection. They leveraged this device to mount Windows SMB network shares and deployed their Linux-based ransomware, successfully encrypting files across the network undetected. This incident underscores the critical need for organizations to secure IoT devices and not rely solely on EDR solutions for comprehensive cybersecurity.? ? ?? Undocumented commands found in Bluetooth chip used by a billion devices: https://lnkd.in/ensvtQVA ?? How the NSA Intercepted Cisco Switches in Transit: https://lnkd.in/eHynuvGB ?? Akira Ransomware Uses Webcam to Bypass EDR: https://lnkd.in/eF9K-HWB ?? Safe Wallet Investigation Updates and Community Call to Action (Bybit Update): https://lnkd.in/e3mPcrVx? ?

???????? ?????????????????????????? ???????????? ????????????: We examined the data and this is where things are headed in 2025. ?????? ???????????? ???? ????? Before you read this report, we want you to have a sense for where this analysis came from, why we have an opinion in the first place, and why it's worth your time to read. In short, I think it comes down to the quality of our analysis: #??: ???????????? ???????? ????????????????: For the past year, we have produced a weekly cybersecurity executive brief. To prepare for the brief each week we analyze breach data from news headlines, our own OSINT gathering, scraping popular breach repos, and a variety of other trusted sources. All of that work helped form the analysis in this report. #??: ????????+ ??????????????????????: Our team at risk3sixty has performed over 2000 cybersecurity assessments for hundreds of companies. We store those results in a structured format in our platform fullCircle GRC. As a result, we have a pretty good sample size of the state of cybersecurity maturity inside a wide variety of organizations over time. ???????????? ?????? ???????????? These two points give us a unique vantage point to examine the state of cybersecurity and the common challenges facing the industry. Inside the report here's what we cover: 1. Five trends we saw from 2024 2. Five emerging cybersecurity risks headed into 2025 3. Five cybersecurity maturity opportunities (that are beyond the obvious) We hope this report presents some compelling data on where things are headed, why they are headed there, and some things you should be thinking about over the next year. Link to download for free in the comments.???

Armada Continuous Testing has us become an extension of your team that continuously optimizes your security posture. Continuous Testing means "always on" security that includes: - Roadmaps and planning - Armada platform setup - New asset testing - Threat-based missions and more. As with all Armada services, you get ???????? ???????? ???????????? ???? ?????? ???????????????? ?????????????? ?????????????? ??????????, ?????????? ???? ?????????? - ?????? ????????. Plus we'll monitor your company's assets, new and existing, on an ongoing basis to automatically uncover threats for rapid remediation. We're shouting it from the rooftops: This isn't your average security. This is Armada. https://hubs.ly/Q039vX2J0 #cybersecurity #threatintel

Lazarus Group Nabs $1.5B, Ransomware Crew Internal Chats Exposed, Australia Blocks Kaspersky Products ?? Unprecedented Crypto Heist Targets Bybit Exchange In a record-breaking cyberattack, cryptocurrency exchange Bybit suffered a loss exceeding $1.5 billion in Ethereum assets. The sophisticated breach involved manipulation of a routine transfer from a cold wallet to a warm wallet, allowing attackers to reroute funds to an unknown address. Blockchain analysis firms have attributed this heist to the notorious Lazarus Group, a North Korean state-sponsored hacking collective. Bybit has assured users that all other wallets remain secure and that customer assets are fully backed, emphasizing their commitment to transparency and security. ?? Leaked Chats Expose Black Basta Ransomware Operations A significant leak of internal communications from the Black Basta ransomware group has provided cybersecurity professionals with valuable insights into the group's methodologies. The exposed chat logs reveal details about their preferred tools, custom malware loaders, and operational tactics. This information is instrumental for defenders aiming to bolster security measures and preempt potential attacks. The leak also highlights internal conflicts within the group, offering a rare glimpse into the dynamics of cybercriminal organizations. ?? Australia Prohibits Kaspersky Products on Government Systems The Australian government has officially banned the use of Kaspersky Lab products across all government systems and devices. This decisive action follows a comprehensive threat assessment that identified potential risks of foreign interference, espionage, and sabotage associated with the Russian-based cybersecurity firm. Australian authorities have mandated the removal of all Kaspersky software from government networks, reflecting a broader trend of caution against foreign technology perceived as security threats. ?? Bybit Confirms Record-Breaking $1.5 Billion Crypto Heist: https://lnkd.in/ea-39znq ?? DeFied Expectations — Examining Web3 Heists: https://lnkd.in/eyHGJVGR ?? What defenders are learning from Black Basta’s leaked chat logs: https://lnkd.in/eSs9VBeT ?? Australia bans all Kaspersky products on government systems: https://lnkd.in/etr4vgth

Armada Attack Surface Management (ASM) finds risks ???????????? ?????? ?????? ???????? ????. ASM is a tech-enabled ??? advanced security service that identifies, monitors, and mitigates risk across your entire ecosystem. And it doesn't stop at automation. Our operators are skilled at exploitation that challenges your security posture using the same tactics threat actors use. As with all ARMADA services, you get ???????? ???????? ???????????? ???? ?????? ???????????????? ?????????????? ?????????????? ??????????, ?????????? ???? ?????????? - ?????? ????????. Plus you'll receive comprehensive monthly reports ??, broken down in detail with in-depth remediation recommendations. We've said it before and we'll say it again. This isn't your average security. This is Armada. https://hubs.ly/Q039jHZK0 #cybersecurity #threatintel

Armada Red Team Testing finds where you're most vulnerable, ???????? ???????? ???? ????????????????: https://hubs.ly/Q0394NC40 The difference? Our advanced security pros are doing it to ??? ?????????????? your most valuable assets by uncovering where you're most vulnerable to attack. You can then take this information and fortify your cybersecurity while improving the response capabilities of your teams. This is why we say Armada is all about practicing proactive (not reactive) security. Red Teaming includes: - Real world attack simulations - Customized tactics and objectives - Weekly strategy sessions - Detection engineering and more The cherry on top is you get all this plus ???????? ???????? ???????????? ???? ?????? ???????????????? ?????????????? ?????????????? ??????????, ?????????? ???? ?????????? - ?????? ????????. Imagine having your own personal security concierge service comprised of elite professionals that are available the moment you need them ?? This isn't your average security. This is Armada.

?????????? ?????????????????????? ????????????????????? Today, we are celebrating Cal Supik's 5 years of excellence! Since joining risk3sixty in 2020, Cal has embraced the challenge of transforming an ambitious idea into what is now our flagship product, fullCircle—originally branded as Phalanx. Over the last five years, he has navigated complex technical hurdles, adapted to shifts in delivery and roadmap, and built a team of top-tier Software Engineers. From overcoming early architectural challenges to driving innovation that consistently raises the bar, Cal’s impact has been nothing short of extraordinary. His passion, perseverance, and leadership have left a lasting mark on our team and the entire company. Please join us in congratulating Cal on this incredible milestone! We look forward to many more years of success and growth together. ??