<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">

Insights Resources

Research

SIOFRA, A FREE TOOL BUILT BY CYBEREASON RESEARCHER, EXPOSES DLL HIJACKING VULNERABILITIES IN WINDOWS PROGRAMS

Siofra, developed by Forrest Williams, Senior Security Researcher at Cybereason, is a research tool that can identify DLL hijacking vulnerabilities in Windows programs and has an automated way to craft DLLs to exploit these vulnerabilities.

Read More
Research

Siofra, developed by Forrest Williams, Senior Security Researcher a...

Read More
Research

NIGHT OF THE DEVIL: RANSOMWARE OR WIPER? A LOOK INTO TARGETED ATTACKS IN JAPAN USING MBR-ONI

For several months Cybereason has been following the concerning rise of ONI, a family of ransomware involved in targeted attacks against Japanese companies. We suspect that the ONI ransomware was used as a wiper to cover up an elaborate hacking operation.

Read More
Research

For several months Cybereason has been following the concerning ris...

Read More
Research

LEVERAGING EXCEL DDE FOR LATERAL MOVEMENT VIA DCOM

DDE, or Dynamic Data Exchange, is a legacy interprocess communication mechanism that’s been part of some Windows applications since as early as 1987. DDE enables applications to request items made available by other programs, such as cells in a Microsoft Excel spreadsheet, and be notified of any changes within these items.

Read More
Research

DDE, or Dynamic Data Exchange, is a legacy interprocess communicati...

Read More
Research

ATTACKERS TURN TO MASQUERADING ICONS TO BOOST PHISHING ATTACK’S SUCCESS

Cybereason has observed thousands of malicious file executions masquerading as a popular programs such as Adobe PDF Reader, MS Word and Chrome. Using familiar icons is meant to deceive users into thinking that the file is legit and safe to open.

Read More
Research

Cybereason has observed thousands of malicious file executions masq...

Read More