The White Company: Inside the Operation Shaheen Espionage Campaign

The White Company: Inside the Operation Shaheen Espionage Campaign

|
In a new collection of extensive research reports, our Threat Intelligence Team profiles a new, likely state-sponsored threat actor called The White Company. The report details one of the group’s recent campaigns, a year-long espionage effort directed at the Pakistani government and military – in particular, the Pakistani Air Force ... Read More
DirtySecurity Podcast: Security Tales from the Ultimate Road Warrior

DirtySecurity Podcast: Security Tales from the Ultimate Road Warrior

|
In this week’s episode of DirtySecurity, Edward Preston chats with Cylance’s world traveler Richard Melick about the evolution of Cylance’s live road shows ... Read More

AutoSploit Developer Improves Metasploit Penetration Testing

VectorSEC recently announced that they developed AutoSploit, a Python script for Metasploit. It does what it’s named to do: it automates Metasploit sessions. It has been released on GitHub as opensource software under the GPL v3.0 license ... Read More

Energetic DragonFly DYMALLOY Bear 2.0

New research from Cylance identifies for the first time the use of a compromised core router as one of the tools wielded by the threat actor that has recently been accused by the United States government of acting in the interests of Russia to attack government agencies and organizations in ... Read More
NorthSec: Threat Hunting Utilizing the ELK Stack and Machine Learning

NorthSec: Threat Hunting Utilizing the ELK Stack and Machine Learning

In this course being offered at NorthSec on May 14th, 15th and 16th, attendees will learn how to create their own enterprise-wide hunting platform using ELK with data enrichment feeds. Breaches are only expanding in size, so incident responders need to move beyond the days of using Excel to hunt ... Read More
CylancePROTECT vs. DataKeeper RaaS

Cylance vs. DataKeeper RaaS

DataKeeper is the latest contender in a rising number of malware attacks driven by ransomware-as-a-service (RaaS). What does this latest iteration of RaaS-inspired malware mean for computing? The Cylance Threat Research team dug into this emerging threat for answers ... Read More

Let’s Encrypt Delivers on Promise of Secure HTTP Connections

Back in summer 2017, Let's Encrypt, the free and open certificate authority (CA), said they’d soon deliver “wildcard” certificates to enable secure HTTP connections for entire domains – for free. The great day is today and it’s time to highlight their great work in democratizing security for the masses ... Read More

Cylance Expands Board of Directors to Drive Next Phase of Growth

Have you ever heard the phrase, 'history repeats itself'? While that may not be universally true, history does often reveal similarities between events. Read on to learn what a malware hash has in common with pi, and how machine learning can predict the future by looking at the past ... Read More

Security News Bytes: Can We Trust the Broken Cert Ecosystem?

This week, a new study titled: ‘Issued for Abuse: Measuring the Underground Trade in Code Signing Certificates’ was released by American and Czech researchers, investigating various forms of abuse that allow malware authors to produce malicious code carrying - yet valid - digital signatures ... Read More
Cylance Sports Update: The Team Hits Belgium and Italy

Cylance Sports Update: The Team Hits Belgium and Italy

After a successful team camp in Spain, Cylance Pro Cycling traveled to Belgium and Italy to begin the iconic part of the season called the Spring Classics. These monument races are known for harsh conditions, cobbles, and steep hills ... Read More
Loading...