<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">
Cybereason + Arm: Securing The Core of IoT
LEARN MORE →
Securing IoT
LEARN MORE →

The Round I MITRE ATT&CK Product Evaluations: A Guide By Security Experts

MITRE ATT&CK Framework

The Round I MITRE ATT&CK Product Evaluations: A Guide By Security Experts

The MITRE ATT&CK framework is a complex solution to a complex problem. Rather than simply scoring vendors on a linear scale, it offers a more profound view of capabilities, applicability, and use-case. This is what you need to know about the way MITRE uses ATT&CK to evaluate security vendors, and how threat hunting factors into the ATT&CK framework.

Pervasive Brazilian financial malware targets bank customers in Latin America and Europe

Research

Pervasive Brazilian financial malware targets bank customers in Latin America and Europe

Cybereason’s Nocturnus team analyzed numerous campaigns related to Brazilian financial malware and found that these programs have become pervasive and infected 60 banks in nearly a dozen countries throughout South America, Spain and Portugal.

How to navigate events that can either make or a break a CISO's career: maturity shift and management briefings

CISO

How to navigate events that can either make or a break a CISO's career: maturity shift and management briefings

Security leaders need to approach management briefings and maturity shifts with a business mindset and show how the security department will help the organization. Remember to omit the technical details. They'll only portray the CISO or CSO as a technologist who isn't ready for the C-suite, said Cybereason CSO Sam Curry.

Irresistible forces must be met with immovable objects

IoT

Irresistible forces must be met with immovable objects

Cybereason and ARM are teaming up to secure IoT devices. Here's how the two companies plan on using threat hunting powered by artificial intelligence to detect attackers that use connected devices as infiltration points to move laterally to networks.

New Betabot campaign under the microscope

Research

New Betabot campaign under the microscope

The Cybereason SOC has detected multiple Betabot infections in customer environments. In this blog, Cybereason researchers study Betabot’s infection chain and self-defense mechanisms using data gathered from customer environments.

Why hacking electronic voting machines isn't the only way to impact an election

Cybersecurity

Why hacking electronic voting machines isn't the only way to impact an election

Cybereason held a tabletop exercise to see how attackers could influence elections and how elected officials would protect the vote.

VAI MALANDRA: A LOOK INTO THE LIFECYCLE OF BRAZILIAN FINANCIAL MALWARE: Part one

Research

VAI MALANDRA: A LOOK INTO THE LIFECYCLE OF BRAZILIAN FINANCIAL MALWARE: Part one

Cybereason's Nocturnus Research team analyzes campaigns targeting the Brazilian financial sector, focusing on infection vectors and the threat actor's toolset and techniques.

Wannamine cryptominer that uses EternalBlue still active

Research

Wannamine cryptominer that uses EternalBlue still active

The Wannamine cryptominer, which uses the EternalBlue exploits, is still active although a patch that fixes these well-known vulnerabilities was released last March. Amit Serper, Cybereason's head of security research, examines this variant and makes the case for patching your systems.

The anatomy of a .NET malware dropper

Cybersecurity

The anatomy of a .NET malware dropper

Attackers don't need sophisticated tools to create effective malware. Basic tools work just fine. Case in point: Cybereason researchers discovered a .NET dropper/crypter. Here's how they reverse engineered it.

Cybereason CISO Interview Series: Protecting all the news that’s fit to print and the peacock network

CISO

Cybereason CISO Interview Series: Protecting all the news that’s fit to print and the peacock network

Mike Higgins, who's served as CSO of The New York Times and CISO of NBC Universal, talks about why nation-states were interested in attacking the paper of record, why media companies were slow to realize the importance of information security and why you don’t have to be a technical expert to pursue a security career.