Gartner says it best in its most recent Market Guide for Managed Detection and Response (MDR) Services: “Managed detection and response improves threat detection monitoring and incident response capabilities via a turnkey approach to detecting threats that have bypassed other controls. Security and risk management leaders need to understand
In June 2018, Cybereason posted a blog about a malicious Dynamic-Link Library (DLL) file exhibiting a behavior associated with credential theft. Their analysis discovered that the malicious DLL MSVCR100.dll was leveraging the DLL search-order hijacking technique to load itself during the execution of unpack200.exe – an Oracle verified Portable
Hidden Cobra’s latest attack tool
Ransomware attacks are continuing to threaten the stability of government authorities, healthcare organizations, utility companies and critical data in all industries. It has been a year since WannaCry hit and businesses are still feeling the after-effects of a worldwide ransomware attack. Now in 2018, SamSam, a targeted ransomware attack, hit
This MSSP increased its service offerings from Security Information Event Management (SIEM) to include Intrusion Prevention (IPS) and 24/7/365 incident detection and response delivered by a Security Operations Center (SOC) team. In addition to incident detection and response capabilities, the SOC team also supports compliance monitoring. The
“Nearly 98% of all recorded point of sale (POS) attacks resulting in a confirmed data breach”. Verizon Data Breach Investigations
In this post we will unveil a new process injection we call “Ctrl-Inject” that leverages the mechanism of handling Ctrl signals in console applications. While going through MSDN as part of our research we came across the following comment regarding Ctrl signal handling:
Dealing with the full capabilities of PowerShell-based, fileless attacks is daunting. The ability for PowerShell to run virtually invisibly on local systems as well as its ability to move throughout the Microsoft ecosystem makes it not only a challenging threat today, but one that will evolve rapidly.
We are proud to announce that enSilo is a recommended vendor out of 20 vendors in the (AEP) 2018 group test. enSilo received 100% malware block rate of HTTP, Email, Docs, Scripts, Offline Threats and Evasions delivery mechanisms.
To get a free copy of the NSS Labs AEP 2018 SVM (Security Value Map) and enSilo's report please visit the enSilo