Trellix Advanced Research Center: Digest #15
Blurring the Lines: How Nation-States and Organized Cybercriminals Are Becoming Alike
China-backed cyber espionage groups are beginning to deploy ransomware, blending traditional espionage with financial motives. What does this convergence mean for security? Speaking to this, Tomer Shloman from our Advanced Research Center expands on how combining tactics and techniques blurs the lines. Security Boulevard shares more here, or read it on the blog.
Trellix Advanced Research Center researchers warn the line between espionage and cybercrime is blurring. A $2M ransomware attack in Asia last fall was linked to a series of China-based espionage incidents — both leveraging the same toolset. More from Security Boulevard.
Other cyber firms, such as Trellix, have likewise noticed an increase in the blurriness of the lines between nation-states and criminals. “Recent evidence suggests an unsettling convergence of tactics, techniques, and even objectives, making it challenging to distinguish between them,” Tomer Shloman, a security researcher at the company, wrote last month.
Listen to the latest episode to hear more about our recent research from John Fokker.
To stay ahead of the curve, mastering AI-powered cybersecurity tools is a must. Join us for Un-prompted: The AI SOC Showdown to compete in a capture the flag challenge where you'll leverage Trellix Wise to achieve 100% alert investigation.
Finding Patient Zero with Endpoint Forensics
What happens when threats have evolved to erase their tracks? EDR with Forensics steps in — like a skilled investigator, it collects real-time events and captures forensic artifacts when malicious activity occurs. Senior Director of Security Research Ilya Kolmanovich and Director of Product Marketing, Endpoint Security Joe Malenfant explore the importance of forensic artifacts and why traditional EDR is no longer enough.
In the News
Following the arrests of four 8Base ransomware leaders, Help Net Security examines how the group took advantage of Phobos’ adaptable infrastructure & Trellix Advanced Research Center notes their synchronized inactivity hints at possible shared affiliates. Learn more.
The Cyber Titan Award for Top Global Women Leaders in Information Security honors women leaders who drive innovation, champion best practices, & make an impact in the industry.
Don’t miss the chance to nominate an industry trailblazer before Tuesday, March 11!
Senior Executive Technical Specialist (Associate Director)
1 week: Some brilliant insights for awareness. Worth a read if you've any involvement within technology markets. Thanks Trellix!
Business Development Manager at Leads Genius.
2 weeks: This digest sounds intriguing! I'm looking forward to diving into the insights. Let's discuss our thoughts after reading!
Great dad | Inspired Risk Management and Security | Cybersecurity | AI Governance & Security | Data Science & Analytics My posts and comments are my personal views and perspectives but not those of my employer
2 weeks: Trellix, thanks for sharing this perspective: "China-backed cyber espionage groups are beginning to deploy ransomware." This could be to cover their tracks related to espionage efforts and attribution but could be to test their destructive cyber capabilities in critical infrastructure in countries if they invade Taiwan. Also, these groups can profit from very lucrative criminal activity to fund their operations and hide attribution.