Verint Blog

Growing Awareness of the Darknet in China following Huge Domestic Database Breaches

by Verint CTI (powered by SenseCy)

posted at November 27, 2018

In recent weeks, we have identified growing awareness, on Chinese security blogs and in mainstream media, of the existence of the Darknet and of the activities of Chinese users on its platforms. The focus is mostly on the sale of leaked data, mainly that of Chinese citizens. One of these leaks pertained to the Huazhu hotel group

Breaking Down Builder-encrypted RAT

by Nadav Lorber

posted at November 7, 2018

The emerging trend of Fully Undetectable (FUD) malware builders is not new to our research team. However, given the wide variety of techniques that malware authors keep developing, it is clear that we will keep encountering malicious code execution tricks that successfully bypass traditional anti-malware solutions. This blog post is actually a case

Intelligence Fusion is a Pain

by Moranne Yaari

posted at October 28, 2018

Do you have “data integration frustration”? Believe me, you’re not alone. More and more, I am hearing from investigators and intelligence analysts the same pain, almost bordering on paralysis: They collect lots of new and relevant data from new sources – but the integration takes a lot of time. Our clients speak of recurrent challenging

Threat Hunting with TPS to Reveal Undetected Malicious Activities

by Nadav Lorber

posted at October 25, 2018

One of the common concepts applied in threat hunting is to define a hypothesis that yields indicators or TTPs to follow, in order to discover malicious behavior that went under the radar. When using Verint’s Threat Protection System (TPS), for example, we can use predefined queries that aim to discover malicious indicators within the events’ raw
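To illustrate the hypothesis-driven workflow the excerpt describes, here is an added example that is not part of the original post and does not use TPS or its query language. The hunting hypothesis (an Office application spawning a command interpreter or script host is rarely benign), the process-creation events, the field names and the hostnames are all constructed for the example; a practitioner would substitute the raw events and predefined queries of their own platform.

```python
import json

# Constructed sample of raw process-creation events (not real TPS telemetry):
# one JSON record per line, loosely modelled on Sysmon event ID 1 fields.
# The last line is deliberately malformed to show the parser tolerating it.
RAW_EVENTS = r"""
{"ts":"2018-10-25T09:01:12Z","host":"ws01","parent":"explorer.exe","image":"winword.exe","cmd":"winword.exe /n report.docx"}
{"ts":"2018-10-25T09:01:40Z","host":"ws01","parent":"winword.exe","image":"cmd.exe","cmd":"cmd.exe /c powershell -enc SQBFAFgA"}
{"ts":"2018-10-25T09:02:03Z","host":"ws02","parent":"explorer.exe","image":"powershell.exe","cmd":"powershell.exe Get-Process"}
{"ts":"2018-10-25T09:03:17Z","host":"ws03","parent":"excel.exe","image":"wscript.exe","cmd":"wscript.exe C:\\Users\\bob\\AppData\\Local\\Temp\\inv.vbs"}
{"ts":"2018-10-25T09:04:55Z","host":"ws03","parent":"excel.exe","image":"splwow64.exe","cmd":"splwow64.exe 12288"}
not-json garbage line that a real collector might emit
"""

# The hypothesis expressed as data: Office applications should not be
# spawning command interpreters or script hosts. Both sets are assumptions
# chosen for this example, not a list taken from any product.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
                "mshta.exe", "rundll32.exe", "regsvr32.exe"}


def parse_events(raw):
    """Turn newline-delimited JSON into a list of dicts, skipping unparseable lines."""
    events = []
    for line in raw.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue  # a real pipeline would count these; here we just skip
    return events


def hunt_office_spawns(events):
    """Apply the hypothesis: return every event whose parent is an Office
    application and whose image is a script host or interpreter."""
    hits = []
    for ev in events:
        parent = ev.get("parent", "").lower()
        image = ev.get("image", "").lower()
        if parent in OFFICE_PARENTS and image in SCRIPT_HOSTS:
            hits.append(ev)
    return hits


def pivot_on_hosts(events, hits):
    """Second hunting step: pull every event from the hosts that produced a hit,
    in time order, so the analyst can reconstruct what happened around it."""
    hosts = {h["host"] for h in hits}
    context = [e for e in events if e.get("host") in hosts]
    return sorted(context, key=lambda e: e["ts"])


if __name__ == "__main__":
    events = parse_events(RAW_EVENTS)
    hits = hunt_office_spawns(events)
    for h in hits:
        print(f"HIT  {h['ts']} {h['host']}: {h['parent']} -> {h['cmd']}")
    for e in pivot_on_hosts(events, hits):
        print(f"  ctx {e['ts']} {e['host']}: {e['parent']} -> {e['image']}")
```

On the constructed sample the query flags the winword.exe → cmd.exe chain on ws01 (note the encoded PowerShell argument) and the excel.exe → wscript.exe chain on ws03, while leaving the explorer.exe → powershell.exe event on ws02 and the excel.exe → splwow64.exe print-spooler helper on ws03 alone; the second is exactly the kind of benign child process that a looser "any child of Office" hypothesis would turn into noise.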