CyberBytes: The Newsletter #4!

Charlotte Harris
October 01, 2024

Welcome back to the fourth edition of CyberBytes: The Newsletter!

As we enter into the final quarter of the year, we’re thrilled to share even more valuable insights with you.

Here’s what you can look forward to in October’s edition of CyberBytes: The Newsletter:

💡 Talent Solutions - A look at some of the our top hiring case studies.

🔦 Vendor Spotlight - A spotlight on the hottest vendors in Cybersecurity.

📰 CyberNews - A round up of the latest news in Cybersecurity.

🔥 Hot Jobs Highlight - This month’s top job opportunities.

💡Talent Solutions - A Hiring Case Study 💡

Background:
Joseph Cooper, Co-Founder of Aspiron Search, was brought in by Tobias Boelter, Head of Security at Harvey AI, to lead a founding security team build. Their partnership spans several years, having worked together at Tobias’s previous three companies, where they developed a strong relationship, and proven track record.

The Challenge:
The roles required specialised expertise in niche security engineering disciplines, coupled with a difficult-to-fill location that mandated onsite presence. Additionally, the caliber of hires sought was exceptionally high, making the task particularly challenging.

The Outcome:
Joseph utilised his extensive network and deep subject matter expertise and robust search methodology to successfully place six world-class cybersecurity professionals within the security team, each bringing unique skills and perspectives. Notably, two of these engineers did not have active profiles on LinkedIn, highlighting Joseph's ability to identify talent beyond conventional channels. Their contributions have significantly strengthened Harvey AI’s security framework and enabled the company to better safeguard its assets in an increasingly complex threat landscape.

Are you looking to elevate your business and make impactful hires? Reach out to us at info@aspironsearch!

🔦 Vendor Spotlight 🔦

GreyNoise - Protecting the Missions of the World’s Most Important Organizations

GreyNoise provide real-time, verifiable threat intelligence powered by a global network of proprietary sensors, empowering security teams to work on the most urgent and critical threats.

What is GreyNoise’s core mission?

GreyNoise empowers the security teams of enterprises and global governments to act with speed and confidence by providing real-time, verifiable perimeter-based threat intelligence. This allows security teams to reduce noise in security operations, perform in-depth threat hunting campaigns, and focus on the most critical threats to their network. Our patented sensor technology enables us to collect and analyze unique threat data at-scale that no one else can. We provide the most actionable threat intelligence against mass internet scanning and exploitation, so that no attack works twice.

What are some unique insights GreyNoise has uncovered about internet background noise and malicious traffic patterns?

One of the most surprising insights we've uncovered is the rapid speed at which PoCs for popular, internet-facing technologies are weaponized and widely disseminated. Organizations with public-facing infrastructure are often caught off guard and left vulnerable if they don't act quickly.

Another unexpected finding is the resilience of botnets. Despite high-profile takedowns and arrests of botnet operators, the same compromised devices frequently resurface under new management with only a brief delay. This demonstrates how quickly control over these networks can be reestablished.

Lastly, we've observed an increasing prevalence of 'noise storms'—coordinated bursts of background traffic that go unnoticed by most organizations but are becoming more frequent and complex. Although we and other researchers are working to investigate these events, the individuals behind them are highly sophisticated, making it challenging to pinpoint their origin and intent.

How has the landscape of internet noise evolved in recent years, and what emerging threats or trends are you seeing today?

The nature of internet scanning has evolved significantly over the past few years, due in part to changes in how attackers gather information. Previously, it was common to see various botnets and individual actors conducting widespread 'inventory scans' across the internet to identify the locations of devices. Now, instead of conducting their own scans, many of these mid-tier actors are leveraging publicly available data sources like Censys and Shodan to build their target lists. This shift has required us to rethink our approach and develop new strategies to maintain visibility into their activities.

In terms of emerging threats, we're seeing an interesting tactic among less sophisticated attackers, where they simulate probing for outdated vulnerabilities—often appearing to target 'legacy' flaws that defenders believe are no longer relevant. However, their real objective is more strategic: they're mapping out which systems are patched in anticipation of a new, as-yet-undisclosed vulnerability. We refer to these as 'canary' scans, and they typically occur 2-3 weeks before a new vulnerability is publicly announced. This approach can catch defenders off guard, as it shifts attention from what’s already been secured to what’s coming next.

‘HoneyPots Are Back’ - GreyNoise

Learn more about the evolving threat landscape, the newest requirements for threat intelligence, and a defender checklist that offers security leaders and practitioners a path forward to the insights needed to defeat the current wave of attackers by following the link below!

GreyNoise Report - Honeypots Are Back

This report breaks down the evolving threat landscape, explores new requirements for threat intelligence, and lays out a honeypot maturity model and defender checklist.

info.greynoise.io/report/honeypots-are-back?utm_campaign=Gated%20Report%20-%20Honeypots%20are%20Back&utm_source=cyberbytes

📣 CyberNews 📣

The cybersecurity landscape is one that is very fast paced, so it can hard to keep up to date on the latest goings on, which is why we’ve made it simple! Check out our CyberNews round up below👇

🌐 Forescout has announced their new SaaS Operational Technologies (OT) solution, allowing organisations to secure complex, heterogeneous OT/IoT and IT environments anywhere.

📱Europol has shut down a major phishing scheme that was targeting stolen mobile phone credentials. The operation resulted in 17 arrests and the shocking recovery of 1.2 million mobile phones.

֎ OperantAI has announced they have secured a $10 million Series A funding to further expands its team and developments.

🚓 Song WU, a Chinese national, as been charged for a long term spear-phishing campaign that targeted NASA, universities and private companies. He faces up to 20 years for each wire fraud count.

🌐 Cyolo revolutionizes secure remote access with AI-powered supervision, simplifying access oversight and enhance the security of privileged connections.

🔥 Hot Job Highlight 🔥

Interested in advancing your career in cybersecurity? Look no further! We've curated a selection of top-tier positions currently available through exclusive searches. Explore our featured roles below and connect with us at [email protected] for further details!

📢 Head of Marketing - Series B - UK/US/Nordics

Working with a fast-growing, Italy-based cybersecurity company in IoT and embedded security. Following their recent Series B funding, they’re looking for a Head of Marketing to lead their global brand expansion. This role will require a versatile leader comfortable wearing multiple hats, driving strategy, and building a strong brand presence worldwide.

Reach out to us at [email protected] to find out more!

🤝 CyberBytes: The Community 🤝

Do you know anyone who is looking to break into the cybersecurity space but aren’t sure where to start? 🔍

We have created CyberBytes: The Community, the third instalment to Aspiron Search’s CyberBytes brand. CyberBytes: The Community is a dynamic, collaborative space designed to bring cybersecurity experts, enthusiasts and learners together from all corners of the industry. Whether you’re a seasoned professional or just starting out, this is your go-to platform for knowledge sharing, networking and professional growth.

It’s also your opportunity to apply to the next cohort of the FirstStep Initiative and kickstart your career in cyber!

Join us for our first ever webinar focused on networking, happening on October 30th. Be sure to join the community to get the latest sign-up details!

Join the Community here! 👇

Join the CyberBytes: The Community Discord Server!

Check out the CyberBytes: The Community community on Discord – hang out with 7 other members and enjoy free voice and text chat.

discord.gg/7UgzzGFE

🌐 Looking For Your Next Role in Cybersecurity? 🌐

Here at Aspiron Search, we’re committed to supporting you to find your next role in cybersecurity. By understanding your motivations and what makes you tick, we can provide the right opportunities and advice to get you hired!