At the end of January, Saudi Arabia’s telecom authority issued an alert warning about Shamoon 2, a wiper malware that hit several organizations, including three government agencies and four private sector companies.
March 06, 2017
Dropping AtomBombs: Detecting DridexV4 in the Wild
Banking trojans have been around for years, but gained greater visibility in 2015 and into 2016 as they moved from targeting European banks to American banks. We previously discussed the Odinaff banking trojan, which was responsible for the SWIFT attacks, and the theft of close to $1 billion.
February 21, 2017
Lessons from the Trenches: Obfuscation and Pattern Recognition
In my recently released book Facing Cyber Threats Head On, I spend a lot of time discussing how contemporary cyber security is just as much about stopping people (the attackers) as it is about stopping malware. When you look at it, stopping people is a different problem and requires a different approach than stopping malware. At the end of the day, people create and adjust strategies based on what they experience. Computer programs do not.
There are many tricks to the tradecraft when analyzing unknown binaries, and it requires constant honing of skills to stay on top of the latest malware and campaigns. Solving reverse-engineering challenges is one way to keep your skills sharp. In our previous post, we discussed some tips from the Flare-On Challenge.
By participating with AMTSO, Endgame works to advance testing standards for next-gen security technologies
Arlington, VA - January 13, 2017 - Endgame, a leading endpoint security platform closing the protection gap against advanced attackers, announced today that it joined the Anti-Malware Testing Standards Organization (AMTSO). Participation in AMTSO furthers Endgame’s mission to develop scientifically objective and statistically significant third-party testing methodologies for next-gen security products.