New Ursnif Variant Targets Japan Packed with New Features

Trojan

In this research we dissect a recent campaign that uses language checks and steganography to evade detection. The new variant features a stealthy persistence mechanism, revamped information-stealing modules focusing on mail clients and cryptocurrency, and targets Japanese security products.

Defensive Gap Assessment with MITRE ATT&CK

MITRE ATT&CK Framework

Our white paper shares five essential stages you should be following to implement a closed-loop, tactical security effort with MITRE ATT&CK. Combining techniques, tactics, and procedures with adversary emulation plans, this white paper gives you background to build an effective, iterative defense.

MITRE ATT&CK Evaluations Prove Cybereason Best Enables Defenders to Avoid Material Harm

MITRE ATT&CK Framework

The Cybereason Defense Platform has been evaluated by MITRE to show how we approach threat detection in the context of the MITRE ATT&CK framework. Check out how we did.

The Newest Variant of the Astaroth Trojan Evades Detection in the Sneakiest Way

Next Generation Antivirus

In this overview, we explain one of the most recent and unique campaigns involving the Astaroth trojan. This spam campaign targeted Brazil and was able to infiltrate systems in a unique way - using processes in some security products.

Astaroth Malware Uses Legitimate OS and Antivirus Processes to Steal Passwords and Personal Data

Malware

In this research, we explain one of the most recent and unique campaigns involving the Astaroth trojan. This Trojan and information stealer was recognized in Europe and chiefly affected Brazil through the abuse of native OS processes and the exploitation of security-related products.

What the government shutdown of 2019 meant for our collective cybersecurity

After five weeks, the partial U.S. government shutdown of 2019 just came to a close. In its wake comes a pinch of American labor and a delay in federal employees receiving their salaries. Additionally, transportation security and other vital federal services exhibited the strain of the prolonged impasse in Washington, D.C. During this time, cyber readiness emerged as a hot conversation topic for fear of a potentially devastating cyber attack.

AI in cybersecurity: the IDC AI Innovators Report and what it means for security practitioners

Artificial Intelligence

Back in 2017, Cybereason CSO Sam Curry and CTO Yonatan Striem-Amit spoke to a crowded room at the RSA Conference about the hype and hope of AI and Machine Learning. Fast forward a year, and Cybereason was recently named an IDC Innovator in the AI Intelligence-Infused Security Solutions report.

LOLbins and trojans: How the Ramnit Trojan spreads via sLoad in a cyberattack

Phishing

Cybereason detected an evasive infection technique used to spread a variant of the Ramnit banking Trojan as part of an Italian spam campaign. We investigate this attack, its use of sLoad, and its adoption of LOLbins to minimize discovery.

The Round I MITRE ATT&CK Product Evaluations: A Guide By Security Experts

MITRE ATT&CK Framework

The MITRE ATT&CK framework is a complex solution to a complex problem. Rather than simply scoring vendors on a linear scale, it offers a more profound view of capabilities, applicability, and use-case. This is what you need to know about the way MITRE uses ATT&CK to evaluate security vendors, and how threat hunting factors into the ATT&CK framework.

Pervasive Brazilian financial malware targets bank customers in Latin America and Europe

Cybereason’s Nocturnus team analyzed numerous campaigns related to Brazilian financial malware and found that these programs have become pervasive and infected 60 banks in nearly a dozen countries throughout South America, Spain and Portugal.