Siemplify and Intezer: Incorporate Genetic Malware Analysis into Your SOAR Platform (Video)

One of the most common and time-consuming cases security operations centers (SOCs) must complete daily are malware investigations. Part…

Memory analysis is the ground truth

In recent years, enterprises have adopted next-gen endpoint protection products that are doing an admirable job detecting anomalies. For example, searching for patterns such as remote access to memory, modification of specific registry keys and alertin…

Shopify, Intezer, & Weaponized Vuln. – Hack Naked News #215

This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of thousands of stores…

Intezer unveils its Endpoint Analysis solution as an addition to Intezer Analyze platform

Intezer announced the inception of its Endpoint Analysis solution, adding to the company’s Genetic Malware Analysis offerings. Located within the Intezer Analyze platform, the Endpoint Analysis solution consists of a zero-installation scanner tha…

Chinese group said to use HackingTeam tools to spread ransomware, cryptominers

A sophisticated Chinese cybercrime group is using old, leaked computer code from a notorious cyber-arms dealer known as HackingTeam to breach thousands of companies, mostly based in Asia, according to new research by Israel cybersecurity firm Intezer. The latest observation shows how HackingTeam’s breach in 2015, when its wares leaked online for anyone to copy, is still having effects on global security. HackingTeam claims that it only sells its “lawful intercept” product to governments and law enforcement agencies, but prior investigations have shown the extent to which these tools are often abused by authoritarian regimes to target otherwise innocent dissidents. The 2015 leak provided these powerful capabilities to a wide array of people, including apparently cybercriminals. Intezer explained in a blog post published Tuesday that researchers first noticed a series of unique remote access trojans, cryptominers and ransomware variants for Windows, Linux and Android platforms while monitoring public data feeds. In addition, the group appears […]

North Korean hackers are impersonating a cryptocurrency company to target Bitcoin fans

A clever spearphishing campaign linked to North Korea has been taking advantage of a surge in public interest surrounding cryptocurrencies, like Bitcoin, in order to spread malware to people interested or involved in the budding industry, according to new research from at least three different cybersecurity firms. The campaign appears to be carried out by a hacking group known as the “Lazarus Group,” which researchers have linked to North Korea in previous attacks, such as the 2014 Sony breach, an $81 million Bangladesh cyber heist in 2016 and the WannaCry worldwide ransomware attack in May. This scam focuses on convincing victims to download a Microsoft Word document that masquerades as a job posting for a position at a British cryptocurrency company. Once downloaded, the document prompts the user to “enable editing” and “enable content functions.” If the victim enables the prompt, a macro installs a backdoor that allows the attackers to install […]
