Verint Blog

Intelligence Fusion is a Pain

by Yifat Mitrani

posted at October 28, 2018

Do you have “data integration frustration”? Believe me, you’re not alone. More and more, I am hearing from investigators and intelligence analysts the same pain, almost bordering on paralysis: They collect lots of new and relevant data from new sources – but the integration takes a lot of time. Our clients speak of recurrent challenging

Threat Hunting with TPS to Reveal Undetected Malicious Activities

by Nadav Lorber

posted at October 25, 2018

One of the common concepts applied in threat hunting is to define a hypothesis that will yield indicators/TTPs to follow, in order to discover malicious behavior that went under the radar. When using Verint’s Threat Protection System (TPS), for example, we can utilize predefined queries that aim to discover malicious indicators within the events’ raw

PyLocky Ransomware Source Code Leaked Online

by Verint Cyber Threat Intelligence Research Team

posted at October 9, 2018

Threat Summary: PyLocky represents a new ransomware strain that was detected in the wild in late July 2018, and whose volume of infections increased throughout the month of August. The malware is usually distributed through malspam emails claiming to link to a fake payment invoice, and it features advanced anti-detection and anti-sandbox capabilities. Notably, infection

Source Code of Ratopak/Pegasus Spyware Targeting the Financial Sector Recently Leaked

by Verint Cyber Threat Intelligence Research Team

posted at August 28, 2018

On July 6, 2018, a post claiming to contain the source code of Carbanak group malware was published on a Russian-speaking underground forum. Soon after the sharing of the code on the Russian underground, it was uploaded by an unknown actor to the text-sharing platform Pastebin, making it accessible to all. At the same time,