Lucene search
+L

54 matches found

threatpost
threatpost
added 2020/01/08 2:0 p.m.85 views

Get Ready for the Microsoft Windows 7 EOL on January 14th

January 14, 2020, is a day cybersecurity stakeholders should pay attention to, as it marks the end of Microsoft support in Windows 7. From a security perspective, both the routine monthly security patches as well as hot fixes for attacks in the wild will not be available, effectively making any...

0.6AI score
Exploits0References2
thn
thn
added 2020/01/07 3:1 p.m.80 views

Are You Ready for Microsoft Windows 7 End of Support on 14th January 2020?

January 14, 2020, is a day cybersecurity stakeholders should pay attention to, as it marks the end of Microsoft support in Windows 7. From a security perspective, both the routine monthly security patches as well as hotfixes for attacks in the wild will not be available, effectively making any...

0.5AI score
Exploits0
carbonblack
carbonblack
added 2019/12/18 5:44 p.m.67 views

Threat Analysis Unit (TAU) Threat Intelligence Notification: DeathRansom Ransomware

During mid-November, a new ransomware named ‘DeathRansom” was found being distributed. Similar to the other variants of ransomware, it will perform the deletion of volume shadow copies to ensure all the data cannot be restored easily. After the DeathRansom performs file encryption, it will drop...

6.8AI score
Exploits0
malwarebytes
malwarebytes
added 2019/12/03 6:6 p.m.65 views

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siriurz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strik...

7.5AI score
Exploits0
kitploit
kitploit
added 2019/12/02 8:27 p.m.101 views

CAPE - Malware Configuration And Payload Extraction

CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of malware analysis with the goal of extracting payloads and configuration from malware. This allows CAPE to detect malware based on payload signatures, as well as automating many of the goals of malware...

7.7AI score
Exploits0References10
threatpost
threatpost
added 2019/11/06 2:0 p.m.64 views

Google Analytics Emerges as a Phishing Tool

Cybercriminals are leveraging key technical markers used in web analytics—particularly Google Analytics—to create more sophisticated and targeted phishing attacks, new research has found. However, this also makes them more susceptible to detection by organizations defending their sites against...

7.3AI score
Exploits0References7
threatpost
threatpost
added 2019/07/29 2:11 p.m.203 views

Fearing WannaCry-Level Danger, Enterprises Wrestle with BlueKeep

The nightmare vision of a “mega-worm” global BlueKeep infection could be closer to becoming reality as working exploits are now becoming available to the public, and there’s evidence that adversaries are actively scanning for the vulnerability. Researchers weighed in with Threatpost about how...

10CVSS10AI score0.99999EPSS
Exploits123References15
carbonblack
carbonblack
added 2019/07/16 12:17 p.m.100 views

Partner Perspectives: From Alert to Action: How VMRay Provides Carbon Black with Detail-Rich Threat Intelligence

Good things happen when two leaders in their respective fields bring together their complementary capabilities. That’s the case with Carbon Black’s deep expertise in endpoint detection and response EDR and VMRay’s singular focus on dynamic malware analysis. The sum ends up being even greater than...

Exploits0
carbonblack
carbonblack
added 2019/04/23 1:0 p.m.23 views

Partner Perspectives: Blending Analytics with Endpoint Detection and Response Better Defends the Modern Worker

Ryan Stolte is the co-founder and CTO for Bay Dynamics. There are clearly many reasons why Endpoint Detection and Response EDR has materialized into such a hotbed of interest, investment and emerging best practices - endpoint security must continually evolve within the context of threats and...

Exploits0
securelist
securelist
added 2019/04/09 7:25 a.m.79 views

Digital Doppelgangers

Carding exists for over 20 years. And it is not dead yet. It is alive, and even more – it is being actively developed by cybercriminals. The "good" old method of entering stolen credit card information into online store forms to buy goods and services or using online payment system accounts for t...

7.3AI score
Exploits0
talosblog
talosblog
added 2019/03/08 9:2 a.m.52 views

Threat Roundup for Mar. 1 to Mar. 8

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 1 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicato...

6.8AI score
Exploits0
carbonblack
carbonblack
added 2019/02/25 4:0 p.m.82 views

CB Customer Spotlight: Q&A with MSD of Mt. Vernon’s William Stein

For the past 28 years, William Stein, Certified Education Technology Leader, has served as the Director of Information Systems for the Metropolitan School District MSD of Mt. Vernon in Indiana. Stein uses Carbon Black solutions to protect the K-12 school district’s data by responding to emerging...

0.2AI score
Exploits0
threatpost
threatpost
added 2018/10/30 3:47 p.m.490 views

Google Updates reCAPTCHA: No More Boxes to Check

Google this week has rolled out its latest version of the reCAPTCHA mechanism, which is meant to weed out spam and abuse by robots on websites. It marks a dramatic departure from previous reCAPTCHA efforts by eliminating the need for visitors to take any extra steps in order to log onto a website...

6.9AI score
Exploits0References6
qualysblog
qualysblog
added 2018/10/23 4:0 p.m.92 views

Don’t Overlook Qualys Malware Detection

Cyber criminals are constantly looking for opportunities to infect legitimate websites with malware. They can use infected websites to cryptomine, steal data, hijack systems, deface pages, and do other damage to harm a company’s reputation and impact their users. This can result in lost revenue,...

0.3AI score
Exploits0
fireeye
fireeye
added 2018/08/08 10:45 a.m.498 views

BIOS Boots What? Finding Evil in Boot Code at Scale!

The second issue is that reverse engineering all boot records is impractical. Given the job of determining if a single system is infected with a bootkit, a malware analyst could acquire a disk image and then reverse engineer the boot bytes to determine if anything malicious is present in the boot...

6.8AI score
Exploits0
carbonblack
carbonblack
added 2018/05/15 5:0 p.m.58 views

Unlock Your SOC with Exabeam and Carbon Black

Endpoints are not safe. There I’ve said it. The network boundaries are gone and endpoints are left exposed directly to threats. Just like watching my kids move out of the house and worrying about how they will fare in the world on their own, we have to realize endpoints are no longer protected by...

0.6AI score
Exploits0
thn
thn
added 2018/04/05 2:17 p.m.70 views

VirusTotal launches 'Droidy' sandbox to detect malicious Android apps

One of the biggest and most popular multi-antivirus scanning engine service has today launched a new Android sandbox service, dubbed VirusTotal Droidy, to help security researchers detect malicious apps based on behavioral analysis. VirusTotal, owned by Google, is a free online service that allow...

6.9AI score
Exploits0
malwarebytes
malwarebytes
added 2018/02/23 6:0 p.m.73 views

Avzhan DDoS bot dropped by Chinese drive-by attack

The Avzhan DDoS bot has been known since 2010, but recently we saw it in wild again, being dropped by a Chinese drive-by attack. In this post, we'll take a deep dive into its functionality and compare the sample we captured with the one described in the past. Analyzed sample...

7.2AI score
Exploits0
malwarebytes
malwarebytes
added 2017/12/08 5:0 p.m.32 views

Napoleon: a new version of Blind ransomware

The ransomware previously known as Blind has been spotted recently with a .napoleon extension and some additional changes. In this post, we'll analyze the sample for its structure, behavior, and distribution method. Analyzed samples 31126f48c7e8700a5d60c5222c8fd0c7 - Blind ransomware the first...

7.5AI score
Exploits0
mssecure
mssecure
added 2017/12/04 2:0 p.m.644 views

Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’

Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run...

9.3CVSS8AI score0.88698EPSS
Exploits14
Rows per page
Query Builder