Endpoint Security: Cryptocurrency Miners Now Using Evasive Tactics to Exploit Airport Resources (October 16, 2019, by arpit). While rolling out Cyberbit’s Endpoint Detection and Response (EDR) in an international airport in Europe, our researchers identified an interesting crypto mining infection, where cryptocurrency mining software was installed on more than 50% of the airport’s workstations. The findings raise concerns regarding the ease of installing malicious software within corporate networks despite being protected by […] Tags: cryptominer EDR
Endpoint Security: 3 Ways EDR Prevents Financial Cyberattacks (June 23, 2019, by arpit). Financial institutions are highly vulnerable to cyberattacks. According to Verizon’s 2019 Data Breach Investigations Report, 10% of breaches were breaches of the financial industry. Not only is the number of attacks increasing, but the attacks have become ever more sophisticated and targeted. As a result, regulatory bodies worldwide like the Reserve Bank of India (RBI) […] Tags: cyber attacks EDR Financial Services
Endpoint Security: Formbook Research Hints Large Data Theft Attack Brewing (June 12, 2019, by arpit). In this blog post we will present the latest droppers of the Formbook data-stealing malware – an advanced malware that uses diverse and innovative techniques to evade security products. We will reverse engineer all the different droppers and suggest ways to detect them. We also show how Cyberbit EDR detects the latest Formbook dropper. Formbook […] Tags: droppers EDR Formbook malware
Endpoint Security: Got Big Data? Not all EDR Solutions are Created Equal (May 2, 2018, by arpit). All EDR/EPP solutions record data, but true protection requires recording absolutely everything from every endpoint. Cyber attacks and the security products designed to protect against them have both developed by leaps and bounds in recent years. Antivirus (AV) or ‘next-generation antivirus’ (NGAV) tools provide a good level of protection even though they only record partial […] Tags: big data EDR
Endpoint Security: New ‘Early Bird’ Code Injection Technique Discovered (April 11, 2018, by arpit). This injection technique allows the injected code to run before the entry point of the main thread of the process, thereby allowing it to avoid detection by anti-malware products’ hooks. Code injection is commonly used by malware to evade detection by injecting malicious code into a legitimate process. This way the legitimate process serves as […] Tags: code injection EDR Malware
Endpoint Security: Advanced Threat Detection Strategies for EDR (November 23, 2017, by arpit). Advancements in cybersecurity products and widespread adoption of HTML5 and the Chrome browser have made carrying out browser-based exploits much more labor intensive for malware authors, so they shifted their focus to human engineering. These days, people are much more easily fooled than technology. Research shows that approximately 5% of enterprise users will fall for clever […] Tags: advanced threat detection EDR malware detection
Endpoint Security: Is Your EDR Putting Your Data and Network at Risk? (August 10, 2017, by arpit). The latest debate about the disclosure of customers’ data uploaded by an EDR solution to multi-scanners raises some important questions about how much you can really trust your security vendor. Although it seems that the EDR vendor did not intentionally do anything wrong, the problem is embedded within the concept. Like many other security products, […] Tags: EDR
Endpoint Security: Whitelisting Fails: 4 Ways Malware Bypass Application Whitelisting (July 11, 2017, by arpit). Application whitelisting is a security control method that only allows approved processes, applications and DLLs to load and execute. It involves building a baseline of known trusted applications that are approved for use and updating this baseline when an application is changed or added. Whitelisting is useful in environments that don’t change very often, […] Tags: EDR malware detection Whitelisting
Endpoint Security: NHS ransomware – what healthcare security leaders should do (May 15, 2017, by arpit). WannaCry, WannaCryptor and Wana Decryptor are three of the common pseudonyms for Friday’s massive NHS ransomware attacks on the UK’s national healthcare system. As the UK gets ready to return to work Monday morning, experts are still very concerned about the continued outbreak and are busy trying to help get computers up and running again […] Tags: EDR healthcare hospital NHS ransomware Ransomware security awareness