<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">

Insights Resources

White Papers

AI Hunting with the Cybereason Platform: A SANS Review

SANS reviewed Cybereason's AI hunting platform, which offers a lightweight, behavior-focused model ofhost-based protection that can help intrusion analysis and investigations teams more rapidly and efficiently prevent, detect and analyze malicious behavior in their environments.

Read More
White Papers

SANS reviewed Cybereason's AI hunting platform, which offers a ligh...

Read More
Research

ATTACKERS INCRIMINATE A SIGNED ORACLE PROCESS FOR DLL HIJACKING, RUNNING MIMIKATZ

With application whitelisting being integrated into an OS’s security stack, attackers need more creative ways to use their tools without getting detected. In this incident observed by Cybereason, DLL hijacking was used to run Mimikatz using a process that was signed and verified by Oracle.

Read More
Research

With application whitelisting being integrated into an OS’s securit...

Read More
Research

NIGHT OF THE DEVIL: RANSOMWARE OR WIPER? A LOOK INTO TARGETED ATTACKS IN JAPAN USING MBR-ONI

For several months Cybereason has been following the concerning rise of ONI, a family of ransomware involved in targeted attacks against Japanese companies. We suspect that the ONI ransomware was used as a wiper to cover up an elaborate hacking operation.

Read More
Research

For several months Cybereason has been following the concerning ris...

Read More
Research

LEVERAGING EXCEL DDE FOR LATERAL MOVEMENT VIA DCOM

DDE, or Dynamic Data Exchange, is a legacy interprocess communication mechanism that’s been part of some Windows applications since as early as 1987. DDE enables applications to request items made available by other programs, such as cells in a Microsoft Excel spreadsheet, and be notified of any changes within these items.

Read More
Research

DDE, or Dynamic Data Exchange, is a legacy interprocess communicati...

Read More
Webinars

THE YEAR OF THE DEFENDER: FIVE PREDICTIONS FOR CYBERSECURITY IN 2018

Cybersecurity dominated the news cycle in 2017. There were headlines about viral ransomware, global destructive wipers posing as ransomware, leaks of spy tools from U.S. intelligence agencies, and breaches at major companies. And while there are still a couple of weeks remaining in 2017, we’re crossing our fingers and hoping that we’re done with cybermeltdowns for the year.

Read More
Webinars

Cybersecurity dominated the news cycle in 2017. There were headline...

Read More