Title: ICS/SCADA Protocol Vulnerabilities: CIP (Common Industrial Protocol)
Category: OT Security | Date: January 5, 2017 | Author: arpit | Tags: ICS, SCADA
Excerpt: SCADA (Supervisory Control And Data Acquisition) networks serve as the backbone for many manufacturing and critical infrastructure industries, including utilities, telecom, transportation and food distribution, performing vital tasks such as monitoring data from pumps, valves and transmitters. Dating back to the 1960s, these systems were built to provide plant workers with a user-friendly interface from […]
Title: End the air gapping myth in critical infrastructure security
Category: OT Security | Date: December 15, 2016 | Author: arpit | Tags: ICS, SCADA
Excerpt: In an environment where we’re seeing increasing demand for connectivity between operational technology (OT) and IT, security teams have to dispel the air gapping myth to acknowledge that IT influences can exploit OT connections. The air gapping approach was used for a long time to prevent any impact on ICS systems. But it’s wishful thinking […]
Title: Malware Terms for Non-Techies – Code Entropy
Category: Endpoint Security | Date: December 15, 2016 | Author: arpit | Tags: Code-Entropy, Malware
Excerpt: Complex jargon abounds in cyber security and certain terms are widely used but little understood by anyone other than malware analysts. To help clear away a bit of the confusion, we’ll be breaking down some of these esoteric concepts, giving them practical, meaningful value. The first concept we are looking at is code entropy. To […]
Title: How Cyberbit EDR detected a Locky ransomware attack that 22 endpoint security solutions missed
Category: Endpoint Security | Date: December 13, 2016 | Author: arpit | Tags: Ransomware
Excerpt: On December 5th 2016 a large organization approached Cyberbit to investigate a ransomware attack. This organization is one of the world’s leading logistics and transportation companies, employing over 30,000 people. The attack had evaded all endpoint security solutions for over 24 hours prior to contacting Cyberbit, and had begun encrypting employee workstation hard drives. The organization contacted […]
Title: 4 Europe Cyber Security Trends to Watch in 2017
Category: OT Security | Date: December 6, 2016 | Author: arpit | Tags: Critical infrastructure
Excerpt: With digital crimes that know no borders and terrorism fuelled by bits and bytes, the world is grappling with matters that are poised to disrupt the very way we live. And 2017 is already on course to cement all things cyber security-related as the defining concerns of our times. Looking at the EU’s current security […]
Title: 5 Open Source Malware Tools You Should Have in Your Arsenal
Category: Endpoint Security | Date: November 28, 2016 | Author: arpit | Tags: Malware
Excerpt: Analysts use open source malware analysis tools to protect against and predict future attacks and to share knowledge with each other. It’s no secret that distributing malware is a big business and the rapidly rising malware epidemic is only going to grow in ability and efficiency in the coming years. As malware trading forums proliferate […]
Title: SOC automation: Can incident response live without it?
Category: Security Operations | Date: November 3, 2016 | Author: arpit | Tags: SOC Automation
Excerpt: The SOC – a New Vision with New Challenges. The concept of a security operations center (SOC) is increasing in popularity. Many large enterprises have established SOCs, and others are in the planning process. SOCs maximize enterprise security impact by consolidating and centralizing cyber security incident prevention, detection and response across the entire organization. They also […]
Title: The Cyber Range – Addressing the “Security Tools Fatigue”
Category: Cybersecurity Training | Date: September 21, 2016 | Author: arpit | Tags: Cyber Simulation, Cyber Training Range
Excerpt: It seems that the IT security industry is booming. Enterprises are continuously increasing their IT security budgets, and Gartner estimates that IT security spending will rise from $75 billion-plus in 2015 to $101 billion in 2018. Organizations have established their security operation centers (SOCs) and ramped up their security teams, and the CISO has become an […]
Title: Anti-VM and Anti-Sandbox Explained
Category: Endpoint Security | Date: August 5, 2016 | Author: arpit | Tags: Sandbox
Excerpt: This article is intended for malware analysts, investigators, and security system developers, and explains the key tactics used by malware authors to detect and evade virtual environments often used in the security analysis process. The article will detail the key anti-VM tactics we’ve encountered during our research activity and will provide information allowing you to: […]