I can’t start off this blog with the R-word. You know the one. I’ve poked fun at it before because we say it so much. As an intel provider, we have to write the word a lot. Here’s a hint: It’s been a top news story for months and it’s been in a scene full of upheavals this year, especially in just the last 2 quarters. Much like Jason Voorhees, or Freddy Krueger, or Michael Myers, Chucky, or the Scream guy, there have been so many reboots and sequels, and IT. KEEPS. COMING. BACK.
Don’t turn around!
For some ransomware crews we are hitting Fast & Furious or Friday the 13th levels of reboots and sequels, but that’s just the way 2021 has been working out. There’s money to be made, which is a pretty clear sign it’s not going anywhere. Before we dive too deeply into the usual ransomware recap, let’s talk about some other spooky, Halloween-adjacent events in cybersecurity.
In a sad twist, for a brief moment this month, it seemed as if the actual candy was not safe. Say what you will about candy corn. Personally? Not a fan. However, in case you missed it, the worlds of ransomware and candy corn have finally collided. Ferrara Candy, the largest producer of *gag* candy corn, was recently the victim of a ransomware attack.
Rest easy, tasteless friends who enjoy the treat. The factory is still up and working to deliver your “delicious” candy so the rest of us can throw it in the garbage can. As a society, we may have dodged the proverbial bullet. Hitting an institution like candy corn on the eve of a vital US holiday, especially given events of the last (almost) two years, it’s a little much. Who knows? Maybe this serves as the impetus to finally draw a line in the sand in the seemingly endless fight against ransomware.
In another unexpected twist where worlds collide, Kaspersky is now warning the public about hackers using not only Netflix’s runaway hit Squid Game as a lure but Squid Game COSTUMES. According to PC Mag, Kaspersky researchers spotted malware using lures consisting of fake Squid Game apps and merchandise to target users. If you’re planning on going as your favorite Squid Game (I haven’t watched it yet, so I don’t know what I’m talking about here) for Halloween, make sure it’s a legitimate site you’re visiting for costumes or that it’s a vetted app to watch it–as if you’re not already using someone else’s Netflix login.
Once again, though, all of this proves that criminals not only continue to ruin our fun, they continue to seize the zeitgeist to stay relevant and dangerous.
OK, here’s the serious bit. Kinda. One of the groups we couldn’t get enough of simply because of all the drama and chaos this year was REvil–a group with more stories than some of the biggest Hollywood franchises:
To recap, they slowly gained notoriety throughout 2019 and 2020, and suddenly in 2021, they became the subject of a lot of news stories due to some pretty groundbreaking events. We’ve devoted more than a few blogs and podcasts and one analysis of competing hypotheses exercise to them. They’re living in our brains rent-free 24/7.
All joking aside, the most recent hits in the press about REvil are important. While the FBI typically doesn’t comment publicly about ongoing operations, sources seem to point to a joint operation involving several US agencies and some amount of international cooperation that took them down, as reported in Ars Technica. REvil’s representatives have been banned from certain forums, and theories on the dark web are running rampant, as we wrote about last week. In one quote, VMware’s head of cybersecurity, Tom Kellermann, stated: “The gloves have come off.”
How this will affect other ransomware operations remains to be seen. Arrests of affiliates will likely continue since they play the role of the fall guys in this story, but how long until the core operators also begin to feel the pinch of law enforcement and/or government regulations closing in on them? Recent news about the Biden administration creating an agency centered on cryptocurrency is yet another step in the United States’ toughened stance against ransomware. This newfound hardness all started in the wake of the Colonial Pipeline incident and continued through the mess that was REvil’s making: the JBS and Kaseya attacks.
Finally, to switch gears a bit, I will say, as an avid meme historian, memes over the past two years have been fire. They’ve played with themes around the pandemic, cultural awakenings, politics, and so many world events, often with a delightful mix of surrealism, satire, and cynicism. Add cybersecurity to that list now.
A few users on Twitter recently took the whole “Parents beware, this is what they’re hiding in candy” trope to a new level for us in the security world, and it’s a delight. Behold:
There’s also a personal favorite that’s targeting CISOs and security companies:
So, before you send your trick-or-treaters out this weekend, make sure to let them know not to take any intelligence or security tool vendor demos from strangers, and check their candy to make sure no one slipped a Cobalt Strike beacon in it.
Oh, and patch your vulnerabilities. Happy Halloween from Digital Shadows (now ReliaQuest)!
Look, it’s truly a scary world out there sometimes, and these days, all of us are under some kind of cybersecurity threat all of the time. Intelligence is a layer in the defenses that adds context to your alerts and your work, with the goal being to make sure you’re secure. Whether it’s good old threat intelligence, the dark web, risk management, or you’re looking to keep an eye on the important assets, we can help you.