Endpoint Security
Detecting Reverse Shell with Machine Learning
November 15, 2018 by arpit
Among cyber attackers and penetration testers, obtaining a reverse shell on a remote machine is considered a ‘home-run’. Once the reverse shell has been obtained, the remote machine is at the mercy of the attacker. Existing attack platforms such as Metasploit, Empire, and others offer myriad techniques and implementations for obtaining different types of reverse […]
Tags: machine learning, malware detection, reverse shell

Endpoint Security
Advanced Threat Detection Strategies for EDR
November 23, 2017 by arpit
Advancements in cybersecurity products and widespread adoption of HTML5 and the Chrome browser have made carrying out browser-based exploits much more labor intensive for malware authors, so they have shifted their focus to human engineering. These days, people are much more easily fooled than technology. Research shows that approximately 5% of enterprise users will fall for clever […]
Tags: advanced threat detection, EDR, malware detection

Endpoint Security
Whitelisting Fails: 4 Ways Malware Bypass Application Whitelisting
July 11, 2017 by arpit
Application whitelisting is a security control method that allows only approved processes, applications and DLLs to load and execute. It involves building a baseline of known trusted applications that are approved for use and updating this baseline when an application is changed or added. Whitelisting is useful in environments that don’t change very often, […]
Tags: EDR, malware detection, Whitelisting