Detect and Remediate Process Hollowing with EclecticIQ Endpoint Response

Categorized under the MITRE ATT&CK framework as a sub-technique of T1055 (Tactics for Defense Evasion and Privilege Escalation), process hollowing is a well-understood and widely used technique that malware uses to ...
Conti pivots as ransomware as a service struggles

The Conti ransomware group—a.k.a. Wizard Spider; a.k.a. TrickBot; a.k.a. Ryuk—is one of the most prolific ransomware gangs around. It is believed to have been active, in various incarnations, since about 2016 ...
Deconstructing R in an EDR

In February 2022, EclecticIQ announced the EclecticIQ Endpoint Response 3.5.1 release. Endpoint Response is an osquery-based Endpoint Detection and Response (EDR) product which provides enhanced response capabilities on macOS in the 3.5.1 ...
Increase Your SIEM and SOAR Return on Investment with ReversingLabs

On one side you have your SIEM investment – technology that lets you connect multiple security event sources, correlate source information and create events on anything that looks threatening. On the other ...
NIST guidance raises bar for federal software supply chain

NIST, the National Institute of Standards and Technology, released long-awaited guidance on secure software development practices on Friday, formalizing guidance that asks firms selling software to the government to implement a software ...
Log4j is why you need an SBoM

It has been less than a week since the world first became aware of a serious and remotely exploitable vulnerability in Log4j, an open-source, Java-based logging framework that is a component of ...
Get smart: Leverage threat intel to detect ransomware

Within the last decade, ransomware emerged as the preeminent cyber threat facing both public and private sector organizations. Data from firms that track ransomware infections suggest that a large percentage of organizations ...
Expanding Security Visibility To Reduce Software Supply Chain Risk

No doubt about it, the way malicious actors attack their targets through software is changing. The attack pattern we’re familiar with is fairly direct. Someone finds a vulnerability in deployed software. Malicious actors ...
3 Reasons for Appsec Folks to be Excited About ReversingLabs

While attacks on software supply chains aren’t new, the intense focus of malicious actors on tampering with trusted applications demands an extension of existing application security programs to identify and address a ...
Crosspoint Capital Invests in ReversingLabs to Scale Supply Chain Security Offerings

It’s with tremendous excitement that I’m able to speak to our customers, partners and employees about the recent investment in ReversingLabs led by Crosspoint Capital Partners. As the world has witnessed, the rise ...