Paul Scott on
February 27, 2019
Welcome back to our regularly scheduled weekly threat report. There was malware last week. There is malware this week. And there will be malware for the foreseeable future. Oh, and malware’s best friend: some vulnerabilities, too.
Hackers turn to LinkedIn for More_Eggs
Since mid-2018, a campaign spreading More_Eggs malware has targeted U.S. companies in industries that commonly use online payment portals like retail, entertainment, and pharmacy. More_Eggs spreads via LinkedIn’s legitimate direct messaging service, offering fake jobs to victims and repeatedly following up via email to deliver the backdoor More_Eggs.
February 25, 2019
Perch Security has been awarded multiple achievements in the 2019 Cybersecurity Excellence Awards. This is the second year in a row that Perch Security has placed, outperforming last year in every eligible category.
Perch Security placed as the:
* Gold Winner for Security Monitoring
* Gold Winner for Intrusion Detection & Prevention
* Silver Winner for Best Cybersecurity Startup (between 10 and 49 employees)
* Silver Winner for Threat Detection, Intelligence and Response
Paul Scott on
February 22, 2019
This week we’re breaking from our regular coverage to bring you a follow-up from Perch security researchers. We’ve got a lot of malware-related information highlighting some active botnets and possible relationships between various strains. Additionally, we provide details on two recently spun-up malware campaigns that are making waves.
Cayosin gets a Tsunami of an Update
On February 3, 2019, we broke the news about an emerging botnet, Cayosin.
Aylin Ildir on
February 19, 2019
Cybersecurity is a quickly evolving industry and is expected to grow to USD 300 billion by 2024. In such a rapidly progressing industry, new players keep emerging, one of which is Perch – Perch Security (read with James Bond voice). Although the company is new to the industry, our star-studded lineup is far from it. Our CEO alone has a background in founding cybersecurity companies and creating regulations and compliance (including STIX), among many other contributions to the world of cybersecurity.
February 15, 2019
Perch Security breaks the mold in just about every way. Their branding is charming and funny – a far departure from the usual techy, serious branding of other threat intelligence companies. We spent an hour with Aharon at Perch HQ and spoke candidly about cyber threats, talent, and our tech community here in lovely Tampa.
Paul Scott on
February 14, 2019
Alright, what’s up this week? A vulnerability in all Intel chips opens the door for stealthy malware, container hosts beware: nothing is safe anymore, adware slays macOS Gatekeeper, and a new malware variant exploits your antivirus to steal data.
ROP-Roh, Shaggy
Researchers recently discovered a way to abuse Intel Software Guard eXtensions (SGX) enclaves to hide malicious code from security software. Intel SGX is a feature found in all modern Intel CPUs that allows developers to isolate applications in secure enclaves.
February 12, 2019
* App-wide organization picker
* New navigation and app layout
* Shared Perchybana dashboards and visualizations
* Fix issues with SecurityEventAlert mixed IP types
* Issues after intel migration
* Fix links to Perchybana
* Long sensor names can cause a 500
* Fixed timeouts on user registration/new user creation
* Restrict Custom date ranges to maximum of 90 days
* Fix invite codes to use the organization chosen in the dropdown
February 7, 2019
* MSSPs can now use Perch SLAs
* Enhanced performance for Perchybana
* Enabled Perchybana dashboards and visualizations
* Stability and performance improvements
Paul Scott on
February 6, 2019
This week we learn about APT10’s modus operandi in Operation Cloud Hopper, how U.S. Cyber Command plans to respond to such foreign campaigns, GoDaddy DNS server’s wild ride with GandCrab, and 16 major RDP vulnerabilities.
More details on Stone Panda’s (APT10) Cloud Hopper
A cyber-espionage campaign targeting at least three companies in the United States and Europe between November 2017 and September 2018 was brought to light in data published by Recorded Future and Rapid7.
February 5, 2019
When botnet-as-a-service meets social media marketing, you have a threat poised to rapidly spread. That’s precisely what researchers have found in a quickly evolving botnet called Cayosin (Kay-OH-sin), which combines the most dangerous features of multiple previous botnets and makes them available to a broad audience at a low price.