
Unify the Analyst Experience with Singularity Operations Center

On April 26, 2024, SentinelOne marked a significant milestone in security management with the launch of the Singularity Operations Center, the new unified security console. This major update to the Singularity Platform is now generally available (GA) to all cloud-native customers, representing a pivotal shift to a more integrated and efficient analyst experience for security teams.

This blog post introduces the many features of Operations Center and delves into how it centralizes security management with unified alerts, asset inventory management, a correlation engine, and our contextualized Singularity Graph to accelerate detection, triage, and investigation. Operations Center significantly boosts analyst productivity with enterprise-wide visibility and control, setting a high standard against other vendors with fragmented systems.

One Console, One Platform

Implementing disconnected tools for different attack surfaces and use cases has led to complex navigation, operational inefficiencies, and less visibility across security ecosystems. Using disparate tools has also generated data spread across multiple consoles, forcing analysts to continuously context switch and making it more difficult to understand their whole security landscape. Together, these pain points detract from security teams' ability to focus on everyday tasks while also creating slower, error-prone, and more manual triage and investigation processes. We built the Singularity Platform and Operations Center to help eliminate noise and workflow disruptions while providing best-in-class protection for organizations everywhere.

The Singularity Platform is an AI-powered cybersecurity platform with one console and one data lake for a truly unified experience. We worked closely with over 200 organizations to ensure the design of Operations Center prioritizes and empowers security analysts, threat hunters, security administrators, incident responders, and SOC managers, considering their everyday tasks through workflow-based navigation. Through our Design Partner Program, our active users, ranging from advanced to early-career analysts across different industries, play a vital role in the product development process to ensure our improvements enhance the overall analyst function.

Gain End-to-End Visibility and Control

One of the core philosophies of Operations Center is centralization. Consolidating security operations through intuitive and integrated design provides a single view across the enterprise. The new unified alert management page enables security teams to conduct faster and more comprehensive investigations by managing and responding to security alerts in one location.


Casey Mason | A 2024 Top 25 Women In Technology Winner

Mission Critical is excited to introduce you to the 2024 Top 25 Women in Technology. Meet Casey Mason.



Original author: Amy Al-Katib, CDCDP

Cloud Native Security | Prioritize Better, Respond Faster, with Verified Exploit Paths™

This week, SentinelOne launched Singularity Cloud Native Security (CNS), our agentless Cloud Native Application Protection Platform (CNAPP) uniquely designed to assess cloud environments through the eyes of a threat actor. As attackers increasingly target cloud environments, SentinelOne’s latest solution helps organizations better defend against these attacks.

CNS simulates attack methods to verify exploit pathways, so-called Verified Exploit Paths. In so doing, CNS reduces the noise of the theoretically possible so that cloud security practitioners can focus on fixing what matters most.

In this blog post, Ely Kahn, VP of Product Management for Cloud Security, AI/ML, and Core Platform, and Anand Prakash, Product Leader for SentinelOne’s Cloud Native Security, explore the value and outcomes of Cloud Native Security. Learn how our agentless CNAPP with a unique Offensive Security Engine is set to help security, developers, and cloud teams collaborate and communicate to radically reduce their cloud and container attack surfaces.

Think Like An Attacker | The Vision for Cloud Native Security (CNS)

Ely: Anand, could you outline our overall vision for Cloud Native Security (CNS)?

Anand: For me, Cloud Native Security (CNS) is cloud security that Thinks Like An Attacker.


Apple and Google deliver support for unwanted tracking alerts in iOS and Android

Apple and Google have teamed up to deliver support for unwanted Bluetooth tracking alerts in iOS and Android.

Original author: Apple Newsroom

Apple News+ introduces Quartiles, a new game, and Offline Mode for subscribers

Apple News+ introduced Quartiles, a new spelling game, and Offline Mode for subscribers to see News content without Wi-Fi or a cellular network.

Original author: Apple Newsroom

PinnacleOne ExecBrief | Cyber Strategy in Focus: Talent, Tools, and Intel

Last week, PinnacleOne examined the growing trend towards digital sovereignty, manifesting in national competition to secure and lead increasingly strategic cloud, AI, and space networks.

This week, we consider what the Office of National Cyber Director’s Annual Report means to modern enterprises.

Please subscribe to read future issues — and forward this newsletter to interested colleagues.


Insight Focus | Stratagem

The Office of the National Cyber Director (ONCD) released its inaugural report on the cybersecurity posture of the U.S. last week. The report detailed a contested, complex, and interconnected environment for the U.S. government to navigate. Underlining the greatest hits of last year, like the Volt Typhoon disclosures and multiple takedowns of criminal hacking groups, the report detailed the offensive steps the government took to impact malicious actors. But, most of the content is focused on what the government can do to improve defensive conditions in the U.S. To that end, we have adapted some of the report’s themes for modern enterprise defenders to consider.


Apple Music celebrates the launch of inaugural 100 Best Albums list

Apple Music today announced the release of its 100 Best Albums of all time, a list crafted by Apple Music’s experts alongside industry professionals.

Original author: Apple Newsroom

Going global with remote peering

As the world becomes increasingly interconnected, it's more important than ever for businesses to provide seamless end-user experiences with high-performance global connectivity.

The Good, the Bad and the Ugly in Cybersecurity – Week 19

The Good | Russian-Based APT28 & LockBit Developer Condemned and Charged by International Enforcement

International law enforcement agencies took a hard stance against GRU-linked threat actors this week with the official condemnation of APT28 (aka Strontium, Fancy Bear, Forest Blizzard) and identification and sanctioning of LockBit ransomware’s administrator and developer.

NATO and the EU, joined by the U.S. and U.K., formally condemned the Russian threat group known as APT 28 for a long-term cyber espionage campaign against various European countries. In particular, Germany and the Czech Republic highlighted an email-based attack last year on various government agencies as well as organizations across the military, air and space, and IT sectors in NATO member countries, NATO fast reaction corps, and Ukraine. APT 28 has also been known to target critical infrastructures in various other EU member states.

The 2023 attack leveraged CVE-2023-23397, a zero-day vulnerability in Microsoft Outlook, to steal credentials, perform lateral movement in victim networks, and exfiltrate sensitive emails from specific accounts. NATO called on the Russian state to “respect their international obligations and commitments to uphold international law and act within the framework for responsible state behavior in cyberspace.”

From the DoJ, the identity of the developer and administrator behind the notorious LockBit ransomware group has finally been unveiled. Russian national Dmitry Yuryevich Khoroshev (aka LockBitSupp and putinkrab) is also being sanctioned by various international enforcement agencies with the U.S. Department of State offering a reward up to $10 million for information leading to his arrest or conviction.

Khoroshev’s sanctioning follows the joint operation earlier this year disrupting LockBit ransomware infrastructure and operations. Before the seizure of its public-facing websites and servers, Khoroshev and his affiliates were instrumental in LockBit’s rise to one of the world’s most prolific ransomware variants and operations, worth billions of dollars in damages and loss.


Data Center Energy Efficiency Assessment Toolkit

The Federal Energy Management Program’s (FEMP’s) Data Center Program assists federal agencies and other organizations with optimizing the design and operation of energy and water systems in data centers. It also funds the work at the Center of Expertise for Energy Efficiency in Data Centers (CoE) at Lawrence Berkeley National Laboratory.
 


macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge

Infostealers targeting macOS devices have been on the rise for well over a year now, with variants such as Atomic Stealer (Amos), RealStealer (Realst), MetaStealer and others widely distributed in the wild through malicious websites, cracked applications and trojan installers. These past few weeks have seen a new macOS malware family appear that researchers have dubbed ‘Cuckoo Stealer’, drawing attention to its abilities to act both as an infostealer and as spyware.

In this post, we review Cuckoo Stealer’s main features and logic from a detection point of view and offer extended indicators of compromise to aid threat hunters and defenders. At the time of writing, the latest version of XProtect, version 2194, does not block execution of Cuckoo Stealer malware. SentinelOne customers are protected from macOS Cuckoo Stealer.

More Cuckoo Stealers Appearing

Since the initial report on the emergence of this family of malware on April 30, we have seen a rise in new samples and trojanized applications from the four originally reported by Kandji to 18 unique trojanized applications at the time of writing, with new samples appearing daily.

The trojanized apps are various kinds of “potentially unwanted programs” offering dubious services such as PDF or music converters, cleaners and uninstallers (a full list appears in the IoCs at the end of this post), including:

- App Uninstaller.app
- DumpMedia Amazon Music Converter.app
- FoneDog Toolkit for Android on Mac.app
- iMyMac PDF Compressor.app
- PowerUninstall.app
- TuneSolo Apple Music Converter.app

As reported previously, these applications contain a malicious binary in the MacOS folder named upd. The most recent binaries – in ‘fat’ and ‘thin’ versions for both Intel x86 and arm64 architectures – are ad hoc codesigned and their parent applications all share the same bundle identifier, upd.upd.


Julia Larikova | A 2024 Top 25 Women In Technology Winner

Mission Critical is excited to introduce you to the 2024 Top 25 Women in Technology. Meet Julia Larikova.


Original author: Amy Al-Katib, CDCDP

Apple unveils stunning new iPad Pro with M4 chip and Apple Pencil Pro

The groundbreaking new iPad Pro features a stunningly thin and light design, taking portability and performance to the next level.

Original author: Apple Newsroom

Apple unveils the redesigned 11-inch and all-new 13-inch iPad Air with M2

Apple today announced the redesigned 11-inch and all-new 13-inch iPad Air, supercharged by the M2 chip.

Original author: Apple Newsroom

Apple introduces M4 chip

Apple today announced M4, the latest Apple-designed silicon chip delivering phenomenal performance to the all-new iPad Pro.

Original author: Apple Newsroom

Final Cut Pro transforms video creation with Live Multicam on iPad and new AI features on Mac

Apple today introduced Final Cut Pro for iPad 2, bringing huge updates that unleash the remarkable capabilities of the new iPad Pro.

Original author: Apple Newsroom

Logic Pro takes music-making to the next level with new AI features

Apple today unveiled the all-new Logic Pro for iPad 2 and Logic Pro for Mac 11, delivering breakthrough professional experiences.

Original author: Apple Newsroom

Alley LaBossiere | A 2024 Top 25 Women In Technology Winner

Mission Critical is excited to introduce you to the 2024 Top 25 Women in Technology. Meet Alley LaBossiere.



Original author: Amy Al-Katib, CDCDP

New games, including Rabbids: Legends of the Multiverse, arrive on Apple Arcade

In May and June, Apple Arcade adds five new titles, including Rabbids: Legends of the Multiverse and the spatial game Where Cards Fall.

Original author: Apple Newsroom

Apple’s 2024 Pride Collection shines light on LGBTQ+ communities

Apple introduces a new Apple Watch Pride Edition Braided Solo Loop, and a matching watch face and dynamic iOS and iPadOS wallpapers.

Original author: Apple Newsroom