Cybereason’s Nocturnus team analyzed numerous campaigns related to Brazilian financial malware and found that these programs have become pervasive and infected 60 banks in nearly a dozen countries throughout South America, Spain and Portugal.
Back in 2017, Cybereason CSO Sam Curry and CTO Yonatan Striem-Amit spoke to a crowded room at the RSA Conference about the hype and hope of AI and Machine Learning. Fast forward a year later, Cybereason was recently named an IDC Innovator in the AI Intelligence-Infused Security Solutions report.
Cybereason detected an evasive infection technique used to spread a variant of the Ramnit banking Trojan as part of an Italian spam campaign. We investigate this attack, its use of sLoad, and its adoption of LOLbins to minimize discovery.
MITRE ATT&CK is a comprehensive knowledge base and complex framework of over 200 techniques that adversaries may use over the course of an attack. These include specific and general techniques, as well as concepts and background information on well-known adversary groups and their campaigns.
Cybereason’s Nocturnus team analyzed numerous campaigns related to Brazilian financial malware and found that these programs have become pervasive and infected 60 banks in nearly a dozen countries throughout South America, Spain and Portugal.
Security leaders need to approach management briefings and maturity shifts with a business mindset and show how the security department will help the organization. Remember to omit the technical details. They'll only portray the CISO or CSO as a technologist who isn't ready for the C-suite, said Cybereason CSO Sam Curry.
Cybereason and ARM are teaming up to secure IoT devices. Here's how the two companies plan on using threat hunting powered by artificial intelligence to detect attackers that use connected devices as infiltration points to move laterally to networks.
The Cybereason SOC has detected multiple Betabot infections in customer environments. In this blog, Cybereason researchers study Betabot’s infection chain and self-defense mechanisms using data gathered from customer environments.
Cybereason held a tabletop exercise to see how attackers could influence elections and how elected officials would protect the vote.
Cybereason's Nocturnus Research team analyzes campaigns targeting the Brazilian financial sector, focusing on infection vectors and the threat actor's toolset and techniques.
The Wannamine cryptominer, which uses the EternalBlue exploits, is still active although a patch that fixes these well-known vulnerabilities was released last March. Amit Serper, Cybereason's head of security research, examines this variant and makes the case for patching your systems.
Copyright © 2019 Cybereason Inc. All rights reserved.
®
