OT Security Automating ICS Network Security November 22, 2018 by arpit Industrial Control Systems (ICS) are the backbone of the global economy. ICS solutions control the operational technology (OT) networks that run large-scale manufacturing facilities, critical infrastructure sites, and many more of the building blocks of modern society. Therefore, ICS network security is critical to the economy. The OT networks running manufacturing and critical infrastructure facilities […] Read more » automation ICS Network Security
Endpoint Security Detecting Reverse Shell with Machine Learning November 15, 2018 by arpit Amongst cyber attackers and penetration testers, obtaining a reverse shell on a remote machine is considered a ‘home-run’. Once the reverse shell has been obtained, the remote machine is at the mercy of the attacker. Existing attack platforms such as Metasploit, Empire, and others offer myriad techniques and implementations for obtaining different types of reverse […] Read more » machine learning malware detection reverse shell
Security Operations What Does SOC Flexibility Mean for CISOs? October 24, 2018 by arpit CISOs are born leaders. The role of a Chief Information Security Officer is not easy, and there are a number of challenges for CISOs to address related to infrastructure, existing security portfolio and adoption of innovative and incisive technologies. As the number of threats keeps growing, be it ransomware, targeted attacks aimed at stealing the […] Read more » CISO flexibility SOC
Endpoint Security High Profile Cyber Attacks on Banks on the Rise October 22, 2018 by arpit We are seeing an alarming increase in high profile cyber attacks on banks, specifically in India. According to Proofpoint, nearly 59% of all malicious email payloads in the first quarter of 2018 were banking trojans. The biggest breach was on the Bangladesh Bank in February 2016, where 101 million dollars were withdrawn from a Bangladesh […] Read more » banks Cosmos cyber attacks Financial Services India
OT Security Why More Attacks on Critical Infrastructure Are Expected August 29, 2018 by arpit As all annual security reports show, the number of cyber attacks on companies and other organizations increases every year. A growing share of these attacks consists of cyber attacks on critical infrastructure environments such as water supply systems, petrochemical plants, transportation infrastructure control systems, and all other types of SCADA (Supervisory Control and Data Acquisition) systems. Many of these OT environments are part of our critical national infrastructure […] Read more »
Endpoint Security Latest Trickbot Variant has New Tricks Up Its Sleeve August 14, 2018 by arpit Trickbot is a well-known financial Trojan that targets customers of large banks and steals their credentials. It is a modular malware that includes different modules for its malicious activities. It has been around since 2016 and since then new variants have appeared on an ongoing basis, each time updated with new tricks and modules. Trickbot includes […] Read more » Cyberbit Financial Services Trickbot
Security Operations SANS Survey Highlights – 2018 Security Operations Center Survey August 13, 2018 by arpit The 2018 SANS survey just came out and is chock full of important industry trends and practices that every SOC manager needs to know. We strongly recommend carefully reading through the entire report and attending the SANS webinar on August 16. Since security operations professionals are super busy, we have provided this quick summary of […] Read more » SANS
Endpoint Security BackSwap Banker Malware Hides Inside Replicas of Legitimate Programs August 6, 2018 by arpit This post will focus on a deep dive analysis of how the BackSwap banker malware hides its malicious code inside replicas of popular, legitimate computer programs. The Cyberbit Malware Research team analyzed four samples of this banking malware. The fourth sample is a new variant that has not been previously analyzed and was found to […] Read more » BackSwap banking malware
Endpoint Security COM Hijacking – Windows Overlooked Security Vulnerability July 31, 2018 by arpit Forget all you know about sophisticated code injection techniques. Persistence in the system and running code as part of a trusted critical process can be done with ease, without implementing a complex code injection mechanism. COM hijacking is a well-known technique; however, today it remains an overlooked persistence and injection mechanism which is stealthier than most […] Read more » COM Hijacking