<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">

Insights Resources

Research

Pervasive Brazilian financial malware targets bank customers in Latin America and Europe

Cybereason’s Nocturnus team mapped out the multi-stage malware distribution infrastructure behind Brazilian financial malware and found that Brazilian-made malware have become pervasive and target over 60 banks in nearly a dozen countries throughout Latin America, Spain and Portugal.

Read More
Research

Cybereason’s Nocturnus team mapped out the multi-stage malware dist...

Read More
Case Study

Connecticut Water

Connecticut Water provides life-sustaining water to more than 360,000 people in 59 communities in Connecticut and Maine. This critical infrastructure provider needed greater visibility into its 500 endpoints, including the ones in its corporate network and industrial control systems environment.

Read More
Case Study

Connecticut Water provides life-sustaining water to more than 360,0...

Read More
Research

WANNAMINE CRYPTOMINER THAT USES ETERNALBLUE STILL ACTIVE

The Wannamine cryptominer, which uses the EternalBlue exploits, is still active although a patch that fixes these well-known vulnerabilities was released last March. Amit Serper, Cybereason's head of security research, examines this variant and makes the case for patching your systems.

Read More
Research

The Wannamine cryptominer, which uses the EternalBlue exploits, is ...

Read More
White Papers

AI Hunting with the Cybereason Platform: A SANS Review

SANS reviewed Cybereason's AI hunting platform, which offers a lightweight, behavior-focused model ofhost-based protection that can help intrusion analysis and investigations teams more rapidly and efficiently prevent, detect and analyze malicious behavior in their environments.

Read More
White Papers

SANS reviewed Cybereason's AI hunting platform, which offers a ligh...

Read More
Research

ATTACKERS INCRIMINATE A SIGNED ORACLE PROCESS FOR DLL HIJACKING, RUNNING MIMIKATZ

With application whitelisting being integrated into an OS’s security stack, attackers need more creative ways to use their tools without getting detected. In this incident observed by Cybereason, DLL hijacking was used to run Mimikatz using a process that was signed and verified by Oracle.

Read More
Research

With application whitelisting being integrated into an OS’s securit...

Read More
Research

NIGHT OF THE DEVIL: RANSOMWARE OR WIPER? A LOOK INTO TARGETED ATTACKS IN JAPAN USING MBR-ONI

For several months Cybereason has been following the concerning rise of ONI, a family of ransomware involved in targeted attacks against Japanese companies. We suspect that the ONI ransomware was used as a wiper to cover up an elaborate hacking operation.

Read More
Research

For several months Cybereason has been following the concerning ris...

Read More