<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">
Cybereason + Arm: Securing The Core of IoT
LEARN MORE →
Securing IoT
LEARN MORE →

5 Capabilities of a Modern Endpoint Protection Platform

Endpoint Detection and Response

5 Capabilities of a Modern Endpoint Protection Platform

In order to address the evolving threat landscape, the security industry has turned to more comprehensive endpoint protection platforms. What are they?

Fileless Malware 101: Understanding Non-Malware Attacks

Malware

Fileless Malware 101: Understanding Non-Malware Attacks

Unlike attacks carried out using traditional malware, fileless malware attacks don’t entail attackers installing software on a victim’s machine. Instead, tools that are built-in to Windows are hijacked by adversaries and used to carry out attacks. Essentially, Windows is turned against itself.

Explaining Fileless Malware Succinctly with Examples from our Research

Antivirus

Explaining Fileless Malware Succinctly with Examples from our Research

In Q1 2018, fileless attacks were up 94%. Learn about what fileless malware is with common examples from the Cybereason Nocturnus team's research.

Glupteba Expands Operation and Toolkit with LOLBins And Cryptominer

LOLbins

Glupteba Expands Operation and Toolkit with LOLBins And Cryptominer

The Nocturnus team has identified variants of Glupteba that made use of an extensive arsenal, including LOLBins and a cryptocurrency miner.

Exploit Kits “Shade” Into New Territory

LOLbins

Exploit Kits “Shade” Into New Territory

We take a closer look at the Spelevo exploit, its infection method, and the new direction attackers are taking the Shade ransomware to make money while avoiding publicity.

Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers

Advanced Persistent Threat

Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers

In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers.

Threat Actor TA505 Targets Financial Enterprises Using LOLBins and a New Backdoor Malware

LOLbins

Threat Actor TA505 Targets Financial Enterprises Using LOLBins and a New Backdoor Malware

In this research, we introduce a meticulously planned, malicious operation against a financial institution in April of 2019 by TA505.

The Newest Variant of the Astaroth Trojan Evades Detection in the Sneakiest Way

Next Generation Antivirus

The Newest Variant of the Astaroth Trojan Evades Detection in the Sneakiest Way

In this overview, we explain one of the most recent and unique campaigns involving the Astaroth trojan. This spam campaign targeted Brazil and was able to infiltrate systems in a unique way - using processes in some security products.

Astaroth Malware Uses Legitimate OS and Antivirus Processes to Steal Passwords and Personal Data

Malware

Astaroth Malware Uses Legitimate OS and Antivirus Processes to Steal Passwords and Personal Data

In this research, we explain one of the most recent and unique campaigns involving the Astaroth trojan. This Trojan and information stealer was recognized in Europe and chiefly affected Brazil through the abuse of native OS processes and the exploitation of security-related products.

LOLbins and trojans: How the Ramnit Trojan spreads via sLoad in a cyberattack

Phishing

LOLbins and trojans: How the Ramnit Trojan spreads via sLoad in a cyberattack

Cybereason detected an evasive infection technique used to spread a variant of the Ramnit banking Trojan as part of an Italian spam campaign. We investigate this attack, its use of sLoad, and its adoption of LOLbins to minimize discovery.