Cyber Security

Detecting C&C Server Communications – Context is Key

by Israel Aloni

posted at November 29, 2016

By now, the concept of the cyber Attack Chain (or kill chain) is widely accepted as a way to understand and deal with threats. Just to refresh your memory, here is Gartner’s take: Source: Gartner As you can see, the first thing that malware does once it’s established on the network is call home –

Revealing the Long-Term Costs of Building an Advanced Cyber SOC

by Ben Kapon

posted at November 22, 2016

Aware of the dangers and probability of suffering a data breach, organizations are rethinking their security posture. They realize that the traditional prevention-based security model, based on signature-based perimeter tools, is no longer effective against advanced cyber threats. To avoid being the next victim of a high-profile data breach, organizations are seeking advanced and post-breach

SpamTorte Version 2: Discovery of an Advanced, Multilayered Spambot Campaign that is Back with a Vengeance

by Verint Research Lab

posted at November 8, 2016

Verint’s research team has recently discovered a new and unknown version of the Torte botnet malware. Christened SpamTorte 2.0, it is a powerful, multi-layered Spambot (Spam Botnet) that is capable of running large scale, efficient spam campaigns while cleverly masking itself to avoid detection. It’s worth noting that the initial detection was exclusively detected by the

Discovery of a New Nymaim Malware Variant Employing Advanced Delivery, Obfuscation and Blacklisting methods

by Verint Research Lab

posted at October 27, 2016

Verint’s Cyber Research team has discovered an unknown variant of the Nymaim malware family, a group of threats that are also capable of downloading various malicious payloads onto the affected device, ranging from Ransomware to Banking Trojans. Background Nymaim is a malware family that was prevalent in 2013 but has recently reemerged on the threat landscape.