Intelligence & Analytics May 30, 2023

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to…

Risk Management January 12, 2023

Now You SIEM, Now You Don’t —Six Failures of Cybersecurity

4 min read - Security information and event management (SIEM) frameworks are essential for enterprises to monitor, manage and mitigate the impact of evolving cyberattacks. As the number of threats and the financial impact of breaches increase, these frameworks are even more crucial. Consider…

Data Protection May 6, 2022

The Growing Danger of Data Exfiltration by Third-Party Web Scripts

4 min read - The theft of personal or sensitive data is one of the biggest threats to online business. This danger, data exfiltration or data extrusion, comes from a wide variety of attack vectors. These include physical theft of devices, insider attacks within…

Advanced Threats March 24, 2020

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

13 min read - Our team is closely monitoring TrickBot's developing capabilities, including its new cross-channel attacks using the TrickMo component.

March 23, 2020

Weekly Security News Roundup: Nefilim Ransomware Victims Given a Week to Pay

3 min read - Researchers observed the Nefilim ransomware family threatening to publish its victims' data if they did not pay their ransoms within a week. Learn what else happened last week in security news.

Intelligence & Analytics February 21, 2020

Cyberthreat Intelligence Tooling — How to Quickly Locate Your Key Indicators

3 min read - While there are many cyberthreat intelligence tools and platforms that can locate indicators for you, it is important to understand the process yourself before relying on a tool.

December 3, 2019

Chrome Password Stealer CStealer Uses MongoDB to Store Collected Data

2 min read - A new Google Chrome password stealer called CStealer uses a remote MongoDB database to store the data it's collected.

October 1, 2019

Masad Stealer Exploits Telegram in Cryptocurrency Theft Campaign

2 min read - A malware strain dubbed Masad Stealer is using the Telegram messaging app to steal cryptocurrency by accessing browser passwords and clipboard information, security researchers learned.

July 10, 2019

Astaroth Attack Infects Windows Machines Via Living-Off-the-Land Techniques

2 min read - An Astaroth attack leveraged only living-off-the-land techniques to run the backdoor directly in memory on Windows machines.

Intelligence & Analytics November 30, 2018

5 Tips for Uncovering Hidden Cyberthreats with DNS Analytics

4 min read - By understanding the basics of DNS analytics, the common methods of attack and the tools available to security teams, you will be better prepared to protect your enterprise from hidden cyberthreats.