Endpoint Security
Using Big Data for Threat Detection
February 14, 2018, by arpit
Simply put, big data for threat detection employs the latest big data analysis techniques to make threat detection better and faster. Threat detection is much like solving a jigsaw puzzle: it requires assembling often oddly shaped interlocking and tessellating pieces. Each piece contains a small part of a complete picture. Only when all the pieces […]
Tags: big data, endpoint security

Cybersecurity Training
Every Cyberdefender Must Be Ready for Battle
January 18, 2018, by arpit
When we think of soldiers we typically conjure an image of dedicated, well-trained and battle-tested young men and women who bravely do the elite work of defending their nations. Fifteen years ago, I aspired to become one such defender and enlisted in an elite combat unit without having any idea what I had gotten myself […]
Tags: Cyber Training, Cyberdefender

Endpoint Security
How Cyberbit Researchers Discovered a New Silent LockPoS Malware Injection Technique
January 11, 2018, by arpit
During July 2017 a sample of a LockPoS variant was harvested by the Cyberbit Malware Harvesting lab, which gathers thousands of malware samples every day from both public and internal repositories. In our automated malware analysis lab, each sample is analyzed both dynamically and statically against publicly known anti-malware and antivirus tools and is run […]
Tags: endpoint security, Malware analysis, malware injection

Endpoint Security
New LockPoS Malware Injection Technique
January 3, 2018, by arpit (updated January 10, 2018)
Cyberbit malware researchers recently discovered a stealthy new malware injection technique being used by LockPoS that appears to be a new variant of the one used by Flokibot. LockPoS is Point-of-Sale (PoS) malware that steals credit card data from the memory of computers attached to point-of-sale credit card scanners. […]
Tags: LockPoS, Malware analysis, malware injection

OT Security
4 Ways to Protect Against Triton ICS Malware
December 21, 2017, by arpit
The recent Triton attack used custom-tailored ICS malware that also earned the moniker “TRISIS” because it targets a vulnerability in Schneider Electric’s EcoStruxure™ Triconex Safety Systems safety instrumented system (SIS), which enables the malware to replace the logic in PLCs that send commands directly to physical machinery. The Triton ICS malware is […]
Tags: Triton ICS malware

Endpoint Security
Advanced Threat Detection Strategies for EDR
November 23, 2017, by arpit
Advancements in cybersecurity products and widespread adoption of HTML5 and the Chrome browser have made carrying out browser-based exploits much more labor-intensive for malware authors, so they have shifted their focus to human engineering. These days, people are much more easily fooled than technology. Research shows that approximately 5% of enterprise users will fall for clever […]
Tags: advanced threat detection, EDR, malware detection

Security Operations
SOC Incident Response Will Fail in a Real Cyberattack
November 16, 2017, by arpit
Carefully thought-out incident response procedures are meant to streamline every task and detail in your SOC incident response plan. Yet when security analysts are faced with a real-life cyberattack, SOC procedures don’t always work as planned. The SOC team faces the challenge of handling the entire incident response lifecycle: monitoring, detection, prevention, investigation, response and […]
Tags: incident response, SIEM

Endpoint Security
Watch Out for These Two Data Exfiltration Channels
November 9, 2017, by arpit
Data exfiltration is a form of security breach whereby attackers attempt to break into a network and gain control of a target machine to steal valuable data. IT security teams try to prevent data exfiltration by predicting exactly how the data will be stolen from a machine. Common detection techniques focus on attributes of the […]
Tags: data exfiltration

Cybersecurity Training
Tabletop Cyber Security Exercises: Cyber Crisis Management
October 26, 2017, by arpit
One of the biggest challenges of the cyber crisis management process is the cross-organization communication, coordination and collaboration needed throughout the crisis. Incident response teams often need to work with other teams and persons in the enterprise from different disciplines and with different priorities and goals, such as the enterprise IT team, legal, public relations, […]
Tags: Cyber Crisis Management