Cyber Security

The hackers behind the ‘9/11 papers’ extortion

by Verint CTI (powered by SenseCy)

posted at January 24, 2019

On December 31, 2018, a cybercrime group going by the handle The Dark Overlord (hereafter TDO) claimed he had hacked an unnamed company, and exfiltrated a large volume of sensitive documents related to the 9/11 terror attacks-related lawsuits. TDO aims to extort the impacted organizations into paying a Bitcoin ransom and he already published batches

Growing Awareness of the Darknet in China following Huge Domestic Database Breaches

by Verint CTI (powered by SenseCy)

posted at November 27, 2018

In recent weeks, we have identified a growing awareness on Chinese security blogs and mainstream media, to the existence of the Darknet, and the activities of Chinese users on its platforms. The focus is mostly on the sale of leaked data, mainly of Chinese citizens. One of these leaks pertained to the Huazhu hotel group

Breaking Down Builder-encrypted RAT

by Nadav Lorber

posted at November 7, 2018

The emerging trend of Fully Undetectable (FUD) malware builders is not new to our research team. However, in light of the wide variety of techniques that the malware authors keep developing, it’s obvious that we will always encounter malicious code execution tricks that successfully bypass traditional anti-malware solutions. This blog post is actually a case

Threat Hunting with TPS to Reveal Undetected Malicious Activities

by Nadav Lorber

posted at October 25, 2018

One of the common concepts applied in threat hunting, is to define a hypothesis that will yield indicators/TTPs to follow, in order to discover malicious behavior that went under the radar. When using Verint’s Threat Protection System (TPS) for example, we can utilize predefined queries that aim to discover malicious indicators within the events’ raw