Endpoint Security High Profile Cyber Attacks on Banks on the Rise October 22, 2018 by arpit We are seeing an alarming increase in high profile cyber attacks on banks, specifically in India. According to Proofpoint, nearly 59% of all malicious email payloads in the first quarter of 2018 were banking trojans. The biggest breach was on the Bangladesh Bank in February 2016, where 101 million dollars were withdrawn from a Bangladesh […] Read more » banks Cosmos cyber attacks Financial Services India
Endpoint Security Latest Trickbot Variant has New Tricks Up Its Sleeve August 14, 2018 by arpit Trickbot is a well-known financial Trojan that targets customers of large banks and steals their credentials. It is a modular malware that includes different modules for its malicious activities. It has been around since 2016 and since then new variants have appeared on an ongoing basis, each time updated with new tricks and modules. Trickbot includes […] Read more » Cyberbit Financial Services Trickbot
Endpoint Security BackSwap Banker Malware Hides Inside Replicas of Legitimate Programs August 6, 2018 by arpit This post will focus on a deep dive analysis of how the BackSwap banker malware hides its malicious code inside replicas of popular, legitimate computer programs. The Cyberbit Malware Research team analyzed four samples of this banking malware. The fourth sample is a new variant that has not been previously analyzed and was found to […] Read more » BackSwap banking malware
Endpoint Security COM Hijacking – Windows Overlooked Security Vulnerability July 31, 2018 by arpit Forget all you know about sophisticated code injection techniques. Persistence in the system and running code as part of a trusted critical process can be done with ease without implementing a complex code injection mechanism. COM hijacking is a well-known technique; however, today it remains an overlooked persistence and injection mechanism which is stealthier than most […] Read more » COM Hijacking
Endpoint Security Got Big Data? Not all EDR Solutions are Created Equal May 2, 2018 by arpit All EDR/EPP solutions record data, but true protection requires recording absolutely everything from every endpoint. Cyber attacks and the security products designed to protect against them have both developed by leaps and bounds in recent years. Antivirus (AV) or ‘next-generation antivirus’ (NGAV) tools provide a good level of protection even though they only record partial […] Read more » big data EDR
Endpoint Security New ‘Early Bird’ Code Injection Technique Discovered April 11, 2018 by arpit This injection technique allows the injected code to run before the entry point of the main thread of the process, thereby allowing it to avoid detection by anti-malware products’ hooks. Code injection is commonly used by malware to evade detection by injecting malicious code into a legitimate process. This way the legitimate process serves as […] Read more » code injection EDR Malware
Endpoint Security Using Big Data for Threat Detection February 14, 2018 by arpit Simply put, big data for threat detection employs the latest big data analysis techniques to make threat detection better and faster. Threat detection is much like solving a jigsaw puzzle: it requires assembling often oddly shaped interlocking and tessellating pieces. Each piece contains a small part of a complete picture. Only when all the pieces […] Read more » big data endpoint security
Endpoint Security How Cyberbit Researchers Discovered a New Silent LockPoS Malware Injection Technique January 11, 2018 by arpit During July 2017 a sample of a LockPoS variant was harvested by the Cyberbit Malware Harvesting lab which gathers thousands of malware samples every day from both public and internal repositories. In our automated malware analysis lab, each malware is analyzed both dynamically and statically against publicly known anti-malware and antivirus tools and is run […] Read more » endpoint security Malware analysis malware injection
Endpoint Security New LockPoS Malware Injection Technique January 3, 2018 by arpit (updated January 10, 2018) Cyberbit malware researchers recently discovered a stealthy new malware injection technique being used by LockPoS that appears to be a new variant of that used by Flokibot. LockPoS is a Point-of-Sale (PoS) malware that steals credit card data from the memory of computers attached to point of sale credit card scanners. […] Read more » LockPoS Malware analysis malware injection