Latest news with #SilentPush
Korea Herald
22-05-2025
- Business
- Korea Herald
Silent Push Launches Chrome Extension, Providing New Controls and Quick Access to Critical Data to Preemptively Stop Attacks
New, strategic integration partnerships available that enhance capabilities and empower SOC, IR and CTI teams SINGAPORE, May 22, 2025 /PRNewswire/ -- Silent Push, a leading preemptive cybersecurity intelligence company, announced today the launch of its new Google Chrome Extension, providing immediate access to information about indicators discovered through a user's browser and new controls to action on them. As part of the company's continuing efforts to level up security teams' cyber defenses, Silent Push introduces new integration partner Filigran - the developer of OpenCTI. Silent Push partnerships, including ThreatConnect continue to improve the customer experience and enhance company-wide security stacks with enriched data from the Silent Push platform. Simone Filiaggi, Sr. Threat Intelligence Analyst at Box, said: "The Silent Push Chrome Extension makes it a lot easier to access actionable, and high-quality threat intelligence. It's easy to use and improves our ability to detect and respond to threats including quick pivots into the Silent Push platform for a deep dive into adversary infrastructure." Ken Bagnall, CEO and Co-Founder of Silent Push, said: "We are committed to providing our customers with the solutions and resources they need to protect themselves from an attack and maintain business resilience. "Our Chrome Extension is bidirectional and makes it easier and faster to action. It acts as an integration into any of your SaaS platforms. By working directly in your browser through our extension, security teams now have the power to pivot control anywhere on the Internet. Through our integration partnerships and upcoming Abuse Reporting service, we are strengthening our capabilities and commitment so that security teams have the resources they need to identify adversary infrastructure before an attack is launched," Ken Bagnall said. Jan Johansen, SVP Global Alliances, Filigran, the developer of OpenCTI said: "As a new integration partner, our joint customers will benefit from our better together offering of leading threat intelligence from Silent Push leveraged through our OpenCTI platform featuring comprehensive visualizations and analytic tools. This is the best of both worlds to fully enable security teams to protect their organization." Andrew Pendargast, Chief Product Officer, ThreatConnect, said: "Our long-standing integration partnership with Silent Push enables our joint customers to further their journey towards a fully threat and risk-informed cyber defense. The new Chrome Extension, which offers defenders a far faster time to detect emerging threats, is a great example of the innovation the industry has come to expect from Silent Push." Traditional IOC-based security models are such a reactive approach that limit security teams from proactively stopping an attack that is yet to launch. Attackers are faster, more automated and increasingly leverage modern techniques to evade detection. A more modern approach is needed. Indicators of Future Attack (IOFA)™– only available from Silent Push–replace the traditional model providing an cyber early warning system. And, now with its Chrome Extension, Silent Push empowers Incident Response, Threat Intelligence and SOC teams to swiftly act and protect their organization with preemptive technology accessible with a simple click. Currently, the Silent Push Chrome Extension is available to enterprise customers only and downloaded here within the Chrome Web Store. About Silent Push Silent Push is a preemptive cybersecurity intelligence company. It is the first and only solution to provide a complete view of emerging threat infrastructure in real-time, exposing malicious intent through its Indicators Of Future Attack™ (IOFA™) data to enable security teams to proactively block hidden threats and avoid loss. The Silent Push standalone platform is also available via API integrating with any number of security tools, including SIEM & XDR, SOAR, TIP, and OSINT providing automated enrichment and actionable intelligence. Customers include some of the world's largest enterprises within the Fortune 500 and government agencies. Free community edition LinkedIn and X.
Yahoo
22-05-2025
- Business
- Yahoo
Silent Push Launches Chrome Extension, Providing New Controls and Quick Access to Critical Data to Preemptively Stop Attacks
New, strategic integration partnerships available that enhance capabilities and empower SOC, IR and CTI teams SINGAPORE, May 22, 2025 /PRNewswire/ -- Silent Push, a leading preemptive cybersecurity intelligence company, announced today the launch of its new Google Chrome Extension, providing immediate access to information about indicators discovered through a user's browser and new controls to action on them. As part of the company's continuing efforts to level up security teams' cyber defenses, Silent Push introduces new integration partner Filigran - the developer of OpenCTI. Silent Push partnerships, including ThreatConnect continue to improve the customer experience and enhance company-wide security stacks with enriched data from the Silent Push platform. Simone Filiaggi, Sr. Threat Intelligence Analyst at Box, said: "The Silent Push Chrome Extension makes it a lot easier to access actionable, and high-quality threat intelligence. It's easy to use and improves our ability to detect and respond to threats including quick pivots into the Silent Push platform for a deep dive into adversary infrastructure." Ken Bagnall, CEO and Co-Founder of Silent Push, said: "We are committed to providing our customers with the solutions and resources they need to protect themselves from an attack and maintain business resilience. "Our Chrome Extension is bidirectional and makes it easier and faster to action. It acts as an integration into any of your SaaS platforms. By working directly in your browser through our extension, security teams now have the power to pivot control anywhere on the Internet. Through our integration partnerships and upcoming Abuse Reporting service, we are strengthening our capabilities and commitment so that security teams have the resources they need to identify adversary infrastructure before an attack is launched," Ken Bagnall said. Jan Johansen, SVP Global Alliances, Filigran, the developer of OpenCTI said: "As a new integration partner, our joint customers will benefit from our better together offering of leading threat intelligence from Silent Push leveraged through our OpenCTI platform featuring comprehensive visualizations and analytic tools. This is the best of both worlds to fully enable security teams to protect their organization." Andrew Pendargast, Chief Product Officer, ThreatConnect, said: "Our long-standing integration partnership with Silent Push enables our joint customers to further their journey towards a fully threat and risk-informed cyber defense. The new Chrome Extension, which offers defenders a far faster time to detect emerging threats, is a great example of the innovation the industry has come to expect from Silent Push." Traditional IOC-based security models are such a reactive approach that limit security teams from proactively stopping an attack that is yet to launch. Attackers are faster, more automated and increasingly leverage modern techniques to evade detection. A more modern approach is needed. Indicators of Future Attack (IOFA)™–only available from Silent Push–replace the traditional model providing an cyber early warning system. And, now with its Chrome Extension, Silent Push empowers Incident Response, Threat Intelligence and SOC teams to swiftly act and protect their organization with preemptive technology accessible with a simple click. Currently, the Silent Push Chrome Extension is available to enterprise customers only and downloaded here within the Chrome Web Store. About Silent Push Silent Push is a preemptive cybersecurity intelligence company. It is the first and only solution to provide a complete view of emerging threat infrastructure in real-time, exposing malicious intent through its Indicators Of Future Attack™ (IOFA™) data to enable security teams to proactively block hidden threats and avoid loss. The Silent Push standalone platform is also available via API integrating with any number of security tools, including SIEM & XDR, SOAR, TIP, and OSINT providing automated enrichment and actionable intelligence. Customers include some of the world's largest enterprises within the Fortune 500 and government agencies. Free community edition is available. For more information, visit or follow on LinkedIn and X. View original content to download multimedia: SOURCE Silent Push Sign in to access your portfolio
Forbes
13-05-2025
- Business
- Forbes
Tim Cook's Apple iToken Ad Is A Con, X Users Warned
Threat actors have been targeting Apple users for the longest time. I recently reported how Apple passwords were being stolen in a macOS attack impersonating a Realtek driver update, while the Banshee Stealer puts 100 million Apple users in the credential-hacking crosshairs. Indeed, if you needed any proof that a hacker target is hovering over Apple users heads, the fact that macOS infostealer attacks were up 101% in the last quarter of 2024 should provide it. The latest threat takes a bit of an off-ramp from the usual password-stealing stuff though, and heads into straight-up financial fraud with a little bit of help from a faked X advertising campaign, a phoney Tim Cook endorsement, and an offer to get ahead of the crowd and preorder Apple iToken crypto. I'll admit it, I'm an Apple fanboy and would likely be interested in most anything with an 'i' prefix to be fair. Whether that would stretch to cryptocurrency in the form of an Apple iToken is unlikely, as I'm not really a wannabe crypto bro. Unfortunately, the same cannot be said for many Apple fans, and crypto investors, for that matter. At least, that's what the threat actors behind the iToken scam are working on. They are also, it would appear, hoping that their target victim is going to be a user of X, the social media platform formerly known as Twitter and home to an active and highly vocal cryptocurrency community. Threat analysts working at Silent Push have uncovered a financial fraud campaign that employs all of the above, plus a little bit of Tim Cook, in order to try and get victims to part with their cash. Silent Push investigators were made aware of the campaign after spotting what appeared to be an advert on X, published May 1, that promoted an Apple iToken. The advertising URL displayed pointed to CNN for added gravitas and believability. This was, the Silent Push report said, achieved by using a 'known exploit for spoofing a URL on X/Twitter.' The crypto presale scam exploited the premise of an official Apple iToken release being forthcoming, and even went so far as to use a fake endorsement from Apple CEO Tim Cook himself to bolster the air of trust. Anyone clicking on the advert would be redirected to the presale website where an account would need to be created and payment made from any of 22 crypto wallets to pay for the non-existent crypto token. 'We found nearly 90 sites going back to 2024,' the researchers warned, 'with almost identical financial lures, all appearing to be from the same threat actor group.' This Apple iToken scam campaign's ability to spoof a visible X advertising URL is, the Silent Push report warned, 'a novel method for tricking potential victims, one only occasionally seen in the wild.' I have reached out to X and Apple for a statement and will update this article if any is forthcoming. In the meantime, don't get taken in by these scammers: there is no Apple iToken, Tim Cook has not endorsed it, CNN is not buying advertising promoting it.
Techday NZ
30-04-2025
- Business
- Techday NZ
Silent Push unveils enhanced threat intelligence with Feed Scanner
Silent Push has launched an updated Threat Intelligence Management module featuring a new Feed Scanner interface designed to strengthen organisations' ability to identify emerging cyber threats. The release provides expanded automation and search capabilities that enable users to access and navigate the entirety of the company's enriched feed data. These enhancements aim to help enterprise security teams detect and defend against threats by using Indicators Of Future AttackTM (IOFATM), a proprietary approach to identifying potential adversary infrastructure before it is used in an attack. The new Feed Scanner interface allows security professionals to query feed data, save and share searches internally, and export results for further analysis. This feature is accompanied by a dedicated IOFATM feeds section within the Threat Intelligence Management module, alongside new IOFATM feed highlights in the Total View screen, which aims to improve the threat detection and response workflow. Ken Bagnall, Chief Executive Officer and Co-Founder of Silent Push, commented on the current state of threat intelligence and the demand for more proactive solutions. "The ability to respond swiftly and effectively to growing cyber threats is mission critical for any organisation. Yet, many continue to struggle with IOC-based legacy threat intelligence that lacks real-time data to produce actionable insights. Our latest enhancements demonstrate our commitment to deliver the features needed and requested by our customers to uncover lurking threats and counteract hidden infrastructure yet to be used." According to the company, traditional threat intelligence, often based on Indicators of Compromise (IOCs), is no longer sufficient in a landscape where cyber attackers frequently change their tactics, techniques, and procedures. Silent Push sees the need to address these changes with more comprehensive and timely intelligence that allows teams to anticipate attacks, rather than only responding to incidents once they are underway. The update also includes a Customer Feeds API, which provides organisations with the ability to create and manage their own feeds. This RESTful interface supports automation of indicator and tag creation, management of proprietary threat data feeds, and is OpenAPI compliant to ensure broad compatibility and thorough documentation for integration with other security tools. Another feature, Threat Check API/DNS-Based Lookups, enables the handling of high volumes of threat indicator queries. With this functionality, organisations can check for indicators present in any of their IOFATM feeds, scan all indicators found in their log files, or verify incoming email domains—an approach that enterprise customers can access on an unlimited basis. Silent Push reports that its platform now offers insights through TLP Amber reports, which are finished intelligence documents providing detailed guidance on how to detect and prevent attacks by high-profile adversaries as well as common attack vectors. By giving users full access to Silent Push's DNS and web content database, and by refining how feeds are searched, managed and shared, the company expects security and incident response teams, threat and security analysts, and security architects to have a more complete and actionable view over the emerging threat environment. With the new update, organisations are positioned to identify hidden infrastructure more rapidly and reveal threat actor activity patterns earlier in the attack lifecycle. The Feed Scanner and associated features can be accessed through the Silent Push standalone platform or via API integration with compatible security products, such as SIEM, XDR, SOAR, TIP, and OSINT solutions.
Forbes
27-04-2025
- Business
- Forbes
Fake Crypto Attacks— What You Need To Know
Beware the fake crypto scammers. Advanced persistent threat groups affiliated with nation-states are hot hacking news right now. The FBI has just confirmed a $10 million reward for information about individuals belonging to the Chinese Salt Typhoon cyber-espionage group. But China isn't the only player in the state-hacking game; a new report suggests that North Korea and, potentially, Russia could have joined forces in a new and highly dangerous fake crypto security threat. Here's what you need to know. When it comes to crypto and matters of cybersecurity, there are generally two things that spring immediately to mind: ransomware payments and cryptocurrency theft. Perhaps the best-known types of the latter involve cryptojacking attacks, such as the recent MassJacker malware that resulted in a be careful what you search for warning. According to an April 24 report from Silent Push, one nation-state-affiliated group, Contagious Interview, is behind a campaign using three separate fake cryptocurrency consulting companies to distribute three malware families to unsuspecting victims. The malware trio will, ultimately, perform the same task: install infostealers to harvest system information, including browser data, passwords, and files, as well as silently drop remote access software onto the device for persistent access. Oh yes, and there's a tool to connect to cryptocurrency wallets as well. Worried yet? You should be, so take note of what is known about the campaign. 'Our team found that the use of fake job offers to distribute malware, such as BeaverTail, InvisibleFerret, and OtterCookie, enables remote access and data theft,' the report said. The aptly named Contagious Interview group was found to be heavily leaning on AI-generated images to create employee profiles for the three companies concerned, and I recommend you read the full report for all the details. 'As part of the crypto attacks,' the researchers said, 'the threat actors are heavily using GitHub, job listings and freelancer websites.' Silent Push threat analysts said that they are continuing to track the Contagious Interview attackers as they believe they pose a threat to individuals. The fake crypto campaigns could also, Silent Push concluded, 'provide some corporate risk due to the malware they deploy and the credentials they acquire from devices.'
