WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 25, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
Another busy month goes by, but the team has found some time to read around our threat intelligence-focused roles. This month’s installment looks at some more politically-driven analysis on opposite sides of the globe, as well as some good old-fashioned encryption techniques that caught our eye
Representatives of some of the biggest tech companies in the US met at the White House to pledge support in improving the US’ cyber security defences and readiness, writes the Financial Times. Executives from the technology, energy, insurance, banking and education sectors were present alongside President Joe Biden, where they discussed holes in US cyber defences.
The role of the private sector in securing critical infrastructure has never been more prevalent than today. So, if the Biden Administration wants to lessen the impact of events such as the SolarWinds compromise and Microsoft Exchange attacks, it needs input from leading companies.
The National Institute of Standards and Technology (NIST) has pledged to work with companies to strengthen software supply chains; Google has stated it will invest USD 10 billion in cyber security in the next five years; and Microsoft has promised USD 20 billion. This summit shows that the US Government has committed to advancing its cyber defenses and has recognized that its efforts would be hindered without the private sector doing the same.
Read the article here.
Byline: Rory
The Photon Team often reads about new and increasingly complex encryption mechanisms actively used throughout the cyber threat landscape. So, it was somewhat surprising to read an article published by Microsoft’s security team which stated that threat actors behind an ongoing spearphishing campaign were using Morse code for encryption. Insights into cyber threat campaigns such as this often drive the research and reporting that we do day in day out and so don’t guide what we read for leisure, but this story peaked our interest and fuelled discussion on an August episode of ShadowTalk.
The well-known, and rather historic, system of dots and dashes for encoding messages had seemingly featured as part of an eclectic mix of encryption techniques in this campaign tracked by Microsoft. The attackers were using these encryption mechanisms to obfuscate malicious HTML attachments and bypass browser and email security controls. The campaign embodied modern, dynamic cyber threats where threat actors make a special effort to alter their tactics, techniques, and procedures (TTPs); the threats actors responsible for these attacks were altering their TTPs approximately every 30 days.
The use of Morse code, although it was likely not that difficult to decrypt, demonstrates the variety of ways in which threats actors attempt to thwart analysis of their attacks. This probably came a nice but rather confusing surprise to the researchers tracking the campaign, serving as an ‘old-but-gold’ moment for encryption. While providing some detailed analysis of the attacks and the various techniques used, the article is an interesting addition to the catalogue of research that tracks the ways in which cyber attackers aim to stay ahead of network defenders.
Byline: Adam Cook
In the last couple of months, my reading up on the developments in Asia-Pacific (APAC) has largely been focused on China’s crackdown on its domestic technology sector. The vehicle hire service DiDi and their lacklustre debut on the New York Stock Exchange followed the silencing of supposedly defiant ‘techno-preneurs’ in China; these are the stories that have made my reading list.
This stringent oversight of the Chinese tech sector came as a surprise. With the Chinese Communist Party (CCP) under Xi Jinping regularly discussing technological developments in the last couple of years, this clampdown definitely sounds like it is going against the grain of what they’re trying to achieve. But on further examination, this move is probably warranted.
Today, data is power, and big tech companies have plenty of both. And to the overprotective parent figure that the CCP acts as, its children are running amok. They practice some self-serving moves: These companies block links to the services of other companies, deny merchants from selling on more than one platform, and practice discriminatory pricing strategies (regular users pay more than new users, iPhone users pay more than Android users etc). And by denying workers of the gig economy fair remuneration, they’re also pretty underhanded to the average worker trying to make ends meet.
As consumers, we hate to see these unfair practices at play. But is altruism really in action here? Let’s not forget that most of CCP’s ideologies and manifesto have echoed a common theme – the needs of the state must come first. In this case of state intervention, it is more likely that the CCP is worried about not having access to this trove of data, held by its domestic tech companies, within its own house, than it is doing so over magnanimous reasons.
At the same time, this level of intervention in the tech industry is also unthinkable in other parts of the world. There have been many calls for stronger regulatory enforcement on big tech companies. But, how many times have Facebook, Google, and Twitter been aksed to testify before Congress? And have these actions actually resulted in any response? Say what you will about the heavy-handedness of the Chinese state, but it may just be the answer we didn’t want to need. With great power, there should also be great humility. Maybe what we need every now and then is an absolute power to whip these tech titans into humility, for purposes such as prevention of abuse. Till then, there is no between.
Byline: Xue Yin Peh
Despite all your busy schedules, it is important to take the time to read around your subject areas and this is something we are also trying to do ourselves. This series will hopefully continue to inspire intelligence and research teams to read into the wider threat landscape and provide some fresh perspectives. In the meantime, if you’re looking for more in-depth threat intelligence, you can take SearchLight (now ReliaQuest’s GreyMatter Digital Risk Protection) for a 7-day test drive or contact us for a customized demo.