Malware Research

March 23, 2017
Protecting Against Shamoon 2 and Stonedrill: In the Crossfire of Geopolitics and Wiper Malware

At the end of January, Saudi Arabia’s telecom authority issued an alert warning about Shamoon 2, a wiper malware that hit several organizations, including three government agencies and four private sector companies.

March 06, 2017
Dropping AtomBombs: Detecting DridexV4 in the Wild

Banking trojans have been around for years, but gained greater visibility in 2015 and into 2016 as they moved from targeting European banks to American banks. We previously discussed the Odinaff banking trojan, which was responsible for the SWIFT attacks, and the theft of close to $1 billion.

February 21, 2017
Lessons from the Trenches: Obfuscation and Pattern Recognition

Code deobfuscation and pattern recognition are as much an art as a science. In the past, we’ve talked about automating many aspects of proactive detection, such as through delta analysis, scripts, or crawling the web for exploits.

February 09, 2017
World, Meet MalwareScore

Sharing ideas, tools, and techniques among our community of defenders makes everyone sharper and safer.

Endgame Machine Learning Engine Featured in VirusTotal

Signature-Less Endpoint Prevention and Detection Proven to Anticipate Latest Attacker Innovations

February 08, 2017
Endgame and Morphick: Closing the Gap in Advanced Cyber Threat Response

In my recently released book Facing Cyber Threats Head On, I spend a lot of time discussing how contemporary cyber security is just as much about stopping people (the attackers) as it is about stopping malware. When you look at it, stopping people is a different problem and requires a different approach than stopping malware. At the end of the day, people create and adjust strategies based on what they experience. Computer programs do not.

Endgame Leapfrogs EDR Incumbents; Dramatically Expanding Preventions and Detections to Stop Zero Days, Malwareless Attacks, and Ransomware

Platform updates solve for industry failures by offering the only end-to-end EDR solution that instantly immobilizes attackers in time to prevent damage and loss 

Endgame Announces Artemis: ‘Siri for Security’ to Transform SOC Operations

AI-powered chatbot bolsters security analysts to accelerate attack detection and response 

January 17, 2017
Dude! Where's my Ransomware?: A Flare-On Challenge

There are many tricks to the tradecraft when analyzing unknown binaries, and it requires constant honing of skills to stay on top of the latest malware and campaigns. Solving reverse-engineering challenges is one way to keep your skills sharp. In our previous post, we discussed some tips from the Flare-On Challenge.

Endgame Joins Anti-Malware Testing Standards Organization (AMTSO)

By participating with AMTSO, Endgame works to advance testing standards for next-gen security technologies

Arlington, VA - January 13, 2017 - Endgame, a leading endpoint security platform closing the protection gap against advanced attackers, announced today that it joined the Anti-Malware Testing Standards Organization (AMTSO). Participation in AMTSO furthers Endgame’s mission to develop scientifically objective and statistically significant third-party testing methodologies for next-gen security products.