Resources

Find more information about solutions and services, our technology and research insights, webinars and other resources on a wide array of subject matter.

ATTACKERS INCRIMINATE A SIGNED ORACLE PROCESS FOR DLL HIJACKING, RUNNING MIMIKATZ

With application whitelisting being integrated into an OS’s security stack, attackers need more creative ways to use their tools without getting detected. In this incident observed by Cybereason, DLL hijacking was used to run Mimikatz using a process that was signed and verified by Oracle.

No Win32_Process Needed – Expanding the WMI Lateral Movement Arsenal

Cybereason researchers have discovered new lateral movement techniques that abuse WMI. They also created a tool that lets analysts see the potential harm attackers could cause if they used these techniques.

NIGHT OF THE DEVIL: RANSOMWARE OR WIPER? A LOOK INTO TARGETED ATTACKS IN JAPAN USING MBR-ONI

For several months Cybereason has been following the concerning rise of ONI, a family of ransomware involved in targeted attacks against Japanese companies. We suspect that the ONI ransomware was used as a wiper to cover up an elaborate hacking operation.

LEVERAGING EXCEL DDE FOR LATERAL MOVEMENT VIA DCOM

DDE, or Dynamic Data Exchange, is a legacy interprocess communication mechanism that’s been part of some Windows applications since as early as 1987. DDE enables applications to request items made available by other programs, such as cells in a Microsoft Excel spreadsheet, and be notified of any changes within these items.

OSX.PIRRIT MAC ADWARE PART III: THE DAVINCI CODE

OSX.Pirrit’s code had the potential to carry out much more malicious activities. As a result of the report, some of Pirrit’s servers and a few distribution websites were taken down. But the story doesn’t end there.

NEW LATERAL MOVEMENT TECHNIQUES ABUSE DCOM TECHNOLOGY

Cybereason researchers discovered new lateral movement methods that abuse the DCOM functionality of Windows applications.

THE CHALLENGES OF DETECTING COMPROMISED PUBLIC WEB SERVERS

Compromised Web application servers have been a security issue since the dawn of the Internet, but many security solutions don't detect this threat.

ATTACKERS TURN TO MASQUERADING ICONS TO BOOST PHISHING ATTACK’S SUCCESS

Cybereason has observed thousands of malicious file executions masquerading as popular programs such as Adobe PDF Reader, MS Word and Chrome. Using familiar icons is meant to deceive users into thinking that the file is legitimate and safe to open.

ATTACKERS INCLUDE RANSOM NOTE IN AMPLIFIED DDOS ATTACKS THAT USE MEMCACHED SERVERS

Cybereason's security team on Thursday discovered that the memcached servers used in the largest DDoS attack to date are including a ransom note in the payload.

ATTACKERS USE BOTNETS TO BREAK INTO NETWORKS FASTER

No one likes grunt work, including attackers, who have turned to bots to automatically handle menial tasks like exploiting vulnerabilities.
