CyberSecurity

Breaking Down Builder-encrypted RAT

by Nadav Lorber

posted at November 7, 2018

The emerging trend of Fully Undetectable (FUD) malware builders is not new to our research team. However, in light of the wide variety of techniques that the malware authors keep developing, it’s obvious that we will always encounter malicious code execution tricks that successfully bypass traditional anti-malware solutions. This blog post is actually a case

Threat Hunting with TPS to Reveal Undetected Malicious Activities

by Nadav Lorber

posted at October 25, 2018

One of the common concepts applied in threat hunting, is to define a hypothesis that will yield indicators/TTPs to follow, in order to discover malicious behavior that went under the radar. When using Verint’s Threat Protection System (TPS) for example, we can utilize predefined queries that aim to discover malicious indicators within the events’ raw

PyLocky Ransomware Source Code Leaked Online

by Verint CTI (powered by SenseCy)

posted at October 9, 2018

Threat Summary PyLocky represents a new ransomware strain that was detected in the wild in late July 2018, and whose volume of infections increased throughout the month of August. The malware is usually distributed through malspam emails claiming to link to a fake payment invoice, and it features advanced anti-detection and anti-sandbox capabilities. Notably, infection

Update – FastDataX Campaign is Now Even Stronger and a Whole Lot More Malicious!

by Verint Research Lab

posted at July 23, 2018

Back in our July blog, FastDataX campaign, we shared some very compelling research with our readers – we were excited by the amount of interest it created.  Fast forward a few more months of research and we have more to share with you, including multiple accounts of infection observed throughout our Threat Protection System.  We