Threat Report Thursday December 5th 2019
Paul Scott on December 5, 2019
In this week’s usually weekly threat report we have a bunch of new attacker tools which covers the Buer loader, CStealer malware, CallerSpy mobile malware, and PyXie Remote Access Trojan (RAT). We’ve also got a cautionary tale for the threat actors that create and operate these tools with the takedown of a RAT from Down Under. Buer loads up baddies with new loader tool Since late August 2019, a new downloader, Buer, has appeared recently in a variety of threat campaigns.
Threat Report Thursday November 21st 2019
Paul Scott on November 21, 2019
In this week’s usually weekly threat report MageCart pops back on the scene with Macy’s, Phineas Phisher lands a suspected Cayman money laundering bank, Roboto botnet targets Webmin, and two new backdoors get the spotlighted. MageCart goes card-skimming at Macy’s Macy’s recently announced a data breach caused by implanted Magecart card-skimming code in Macy’s online payment portal. According to Macy’s notice, the company was alerted to a suspicious connection between macys.
Threat Report Thursday November 14th 2019
Paul Scott on November 14, 2019
We’re back with another edition of the usually weekly threat report. This week we’re highlighting two critical vulnerabilities, a case of business email compromise for a medical school, and a Trickbot campaign targeting U.S. government offices. Chrome vulnerability on Exploit.in with YouTube demo If you haven’t updated Chrome recently, you might want to. In early November, a critical use-after-free vulnerability was disclosed for Google Chrome (CVE-2019-13720). Earlier this week a Proof-of-Concept exploit for the vulnerability was posted on YouTube by Tony Stack.
Threat Report Wednesday October 30th 2019
Paul Scott on October 30, 2019
In this week’s threat report, we have a spooky threat actor just in time for Halloween. The Perch Security Operations Center (SOC) has discovered a threat campaign targeting a number of unpatched Drupal servers and other vulnerable web-server workloads in the United States in September. After analyzing the related malware that was building a botnet, they are ready to report. The Lucifer botnet was leveraged to send phishing emails taking advantage of a change in EU financial service regulations.
“Cisco is partnering with Perch Security to deliver a new security solution for managed service providers (MSPs) who are challenged by an evolving threat landscape. MSPs are on front lines of protecting their clients against data breaches, malware, ransomware and other attacks for which they are often unprepared. To address these threats, Cisco is applying its security expertise and portfolio to MSPs in partnership with Perch to bring them the tools that will strengthen their security posture and better protect both themselves and their clients.
Release Notes
October 21, 2019
MSP Security Conference: PerchyCon 2020 Confirmed for January
Perchy on October 17, 2019
A new MSP cybersecurity conference is set to launch in January 2020. The event, hosted by Perch Security, is dubbed PerchyCon. The Tampa, Florida-based conference is designed for MSP and MSSP owners as well as infosec practitioners. Perch Security offers co-managed threat detection and response (MDR) services. The company has a growing base of MSP partners, plus investment backing from ConnectWise and Fishtech Group. Get the full article here.
Threat Report Thursday October 17th 2019
Paul Scott on October 17, 2019
Did you miss us last week? We’ve been busy investigating some recent threats and have an update for you in this week’s threat report. Hackers get hacked for 26M cards, APT35 returns with a new campaign using non-standard link shorteners, Diamond Fox gets demo’d on YouTube, and Bishopfox releases Pwn Pulse POC. Hackers pilfer underground hack store for 26M stolen credit cards One of the largest underground stores for buying stolen credit card data, BriansClub, was hacked.
Perch Security named winner in Cyber Defense Global Awards 2019
Perchy on October 9, 2019
“We’re thrilled to name Perch Security a winner as Managed Detection and Response (MDR) and also Intrusion Detection System (IDS) in our Global Awards program. They won these awards because they pioneered threat detection – an innovative approach to defeating the next generation of cyber criminals,” said Gary S. Miliefsky, Publisher, Cyber Defense Magazine. Get the full story here. About Cyber Defense Global Awards This is Cyber Defense Magazine's seventh year of honoring InfoSec innovators from around the globe.
Can Perch detect Ransomware?
Wes Spencer on October 8, 2019
A new-ish customer asked us this week about the quality of their ransomware detection coverage (based on the intel feeds they were pulling in), and how Perch handles ransomware. It was a great question, so I thought I would recap it here and share it with all of you. Intel on ransomware: Perch has a large and ever-growing amount of detections for ransomware. Here are just a few examples if you’d like to take a look.