Overview of NIST 800-171b: 33 Enhanced Security Requirements to Help Protect DoD Contractors

In early July, NIST released draft versions of two new publications: NIST SP 800-171 Revision 2: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and NIST SP 800-171B: Protecting Controlled Unclassified Information in …

Costin Raiu and Juan Andres Guerrero-Saade on APT Fourth-Party Collection

Costin Raiu and Juan Andres Guerrero-Saade talk to Mike Mimoso live from Virus Bulletin in Madrid about APTs leveraging one another's attacks and compromised machines as their own.

Security Analyst Summit 2017 Day One Recap

Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT.

Reverse-engineering DUBNIUM

DUBNIUM (which shares indicators with what Kaspersky researchers have called DarkHotel) is one of the activity groups that has been very active in recent years, and has many distinctive features. We located multiple variants of multiple-stage droppers and payloads in the last few months, and although they are not really packed or obfuscated in a…

Digging deep for PLATINUM

There is no shortage of headlines about cybercriminals launching large-scale attacks against organizations. For us, the activity groups that pose the most danger are the ones who selectively target organizations and desire to stay undetected, protect their investment, and maximize their ROI. That’s what motivated us – the Windows Defender Advanced Threat Hunting team, known…