CONFidence 2019: "Inside Cybercrime Groups Harvesting Active Directory for Fun..." - Vitali Kremez

TrickBot Now Offers ‘TrickBoot’: Persist, Brick, Profit

Tags: research
Researchers discover a new module in the TrickBot toolset aimed at detecting UEFI / BIOS firmware vulnerabilities. Join AdvIntel and Eclypsium for a live webinar exploring the implications of Trickbot’s foray into ...

SWAP Detector: Preventing API Errors from Swapped Arguments

Third-party application programming interfaces (APIs), libraries, and frameworks are a fact for modern software developers. They are usually complex, rapidly evolving, and sometimes poorly documented. According to industry estimates, open-source components can ...

Protect Your Organization From MosaicRegressor and Other UEFI Implants

Tags: research
Join Eclypsium for a webinar discussing MosaicRegressor and how to protect your infrastructure from UEFI threats on Friday October 23rd. Introduction – The MosaicRegressor Implant: Researchers at Kaspersky ...

Rooty Dolphin uses Mekotio to target bank clients in South America and Europe

Key Points: Rooty Dolphin is a threat actor who uses Mekotio to target banks. Mekotio is a banking trojan with Brazilian origins. Rooty Dolphin started targeting South America but moved to Europe some months ago ...
Blueliv’s Threat Context solution tracks different CVEs and maps them to cybercriminal activities.

The RECON Vulnerability and related TTPs

Tags: Blog, CVE, cybercrime, research, SAP
Key takeaways: CVE-2020-6287 is a vulnerability present in SAP NetWeaver software that hinges on a missing authentication check. Successful weaponization of this vulnerability would allow attackers to abuse internet-facing SAP systems in ...

CSA Report Surfaces Cloud Attack Patterns

The Cloud Security Alliance (CSA) this week published a free report intended to make it easier for cybersecurity teams to recognize and thwart the 11 most egregious threats to cloud computing environments ...
Security Boulevard

‘The C-Suite Report’ Simplified: 4 Key Takeaways

Tags: c-suite, CISO, Cybersecurity, research
The recently published “The C-Suite Report: The Current and Future State of Cybersecurity” by Forcepoint in partnership with WSJ Intelligence has unearthed a treasure trove of important and interesting insights on how ...

Cobalt Strike: The New Favorite Among Thieves

By Chris Gerritz
Since 2012, Cobalt Strike has been utilized as a proactive way of testing network defenses against advanced threat actor tools, tactics, and procedures (TTPs). The aim, of course, is ...
GrammaTech Interview. CSFI Business Highlight.

GrammaTech Featured in Cyber Security Forum Initiative (CSFI) Podcast

GrammaTech is a new gold sponsor of the Cyber Security Forum Initiative (CSFI), a non-profit organization with a mission “to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer ...

Securing the Enterprise From BootHole

Tags: Industry, research
New threats in the wild combined with the recently disclosed BootHole vulnerability have made securing UEFI Secure Boot a top priority for security teams. The NSA and FBI recently issued a Cybersecurity ...