Security Operations
The Modern SOC – Time to Look Beyond Automation
July 19, 2017 by arpit
Over the last months, we’ve witnessed a significant increase in the number of cyberattacks, their severity and their ability to spread in minutes throughout the globe, infecting thousands of networks. The central and most critical component in fighting these advanced threats is the security operations center (SOC). The increase in volume and complexity of threats […]
Tags: SOC
Endpoint Security
Whitelisting Fails: 4 Ways Malware Bypass Application Whitelisting
July 11, 2017 by arpit
Application whitelisting is a security control method that allows only approved processes, applications and DLLs to load and execute. It involves building a baseline of known trusted applications that are approved for use and updating this baseline when an application is changed or added. Whitelisting is useful in environments that don’t change very often, […]
Tags: EDR malware detection Whitelisting
Endpoint Security
Petya Ransomware: What’s Old, What’s New and What You Should Do
June 27, 2017 by arpit
A new strain of the Petya ransomware has been spreading rapidly over the last 24 hours. The new variant attacked critical infrastructure, airports, pharmaceutical companies, and public transit companies throughout Europe, Asia, and North America. This post will provide a brief overview of the old and new tactics used by the new Petya, and a comprehensive […]
Tags: Malware Petya Ransomware
OT Security
Industroyer / CrashOverride – IT to OT Malware That Changes Industrial Security Paradigms
June 19, 2017 by arpit
ESET researchers recently discovered one of the most aggressive forms of cyber threats on electric grids and industrial control networks – coined Industroyer, or CrashOverride. This malware was likely the cause of the December 2016 “Black Energy” cyberattack on Ukraine’s power grid that caused a blackout of over an hour in part of its capital, […]
Tags: Industroyer
OT Security
Ransomware a real risk for SCADA networks
May 23, 2017 by arpit
By now the ‘Air gapping’ myth should be expunged from the mind of every ICS/SCADA manager on earth. SCADA networks have been hacked on several known occasions, which has made the need for advanced SCADA security solutions crystal clear. But this weekend we learned that even non-targeted malware can pose a serious risk to our physical plants when the […]
Tags: SCADA Ransomware
Endpoint Security
WannaCry Ransomware Exposed – Behavioral Analysis in Cyberbit EDR
May 16, 2017 by arpit
The WannaCry/WannaCrypt0r ransomware attack has been receiving massive publicity following its severe global impact. Much has been written about WannaCry’s ability to spread rapidly by exploiting a Windows Server Message Block (SMBv1) vulnerability, AKA EternalBlue. Upon the outbreak of the attack, Cyberbit’s malware researchers took the liberty of running the ransomware on a computer protected by […]
Tags: Ransomware wannacry WannaCryptor
Endpoint Security
NHS ransomware – what healthcare security leaders should do
May 15, 2017 by arpit
WannaCry, WannaCryptor and Wana Decryptor are three of the common pseudonyms for Friday’s massive NHS ransomware attacks on the UK’s national healthcare system. As the UK gets ready to return to work Monday morning, experts are still very concerned about the continued outbreak and are busy trying to help get computers up and running again […]
Tags: EDR healthcare hospital NHS ransomware Ransomware security awareness
Endpoint Security
WannaCryptor Ransomware – 3 Actions You Should Take Immediately
May 13, 2017 by arpit
WannaCryptor ransomware hit over 40 UK hospitals, as well as over 75,000 additional workstations in 99 countries as of today, in what is turning out to be the most massive ransomware campaign to date. The ransomware, also referred to as WannaCry and Wana Decrypt0r, is delivered as a Trojan, which is downloaded when the user mistakenly […]
Tags: Ransomware WannaCryptor
Cybersecurity Training
Expert advice on assessing network cyber resilience
May 3, 2017 by arpit
It is no news that cyber attacks are increasing in volume, severity, and complexity, with cyber resilience being more difficult to achieve. Sophisticated, multi-vector attacks can quickly overwhelm security teams, causing substantial damage and breaches not only on IT networks but also on OT (SCADA) networks and today even on the growing infrastructure of IoT. […]
Tags: cyber resilience multi-vector attacks OT networks