Thoughts From the Nest

Blog, updates and release notes.

Threat Report Wednesday February 27th 2019

on February 27, 2019


Welcome back to our regularly scheduled weekly threat report. There was malware last week. There is malware this week. And, there will be malware for the foreseeable future. Oh, and malware’s best friend, some vulnerabilities too.

Hackers turn to LinkedIn for More_Eggs

Since mid-2018, a campaign spreading More_Eggs malware has targeted U.S. companies in industries that commonly use online payment portals like retail, entertainment, and pharmacy. More_Eggs spreads via LinkedIn’s legitimate direct messaging service, offering fake jobs to victims and repeatedly following up via email to deliver the backdoor More_Eggs.


Perch Security Lands Cybersecurity Gold

Perchy on February 25, 2019


Perch Security has been awarded with multiple achievements in the 2019 Cybersecurity Excellence Awards. This is the second year in a row Perch Security placed, outperforming last year in every eligible category. Perch Security placed as the:
* Gold Winner for Security Monitoring
* Gold Winner for Intrusion Detection & Prevention
* Silver Winner for Best Cybersecurity Startup (between 10 and 49 employees)
* Silver Winner for Threat Detection, Intelligence and Response


Threat Report Friday February 22nd 2019

on February 22, 2019


This week we’re breaking from our regular coverage to bring you a follow-up from Perch security researchers. We’ve got a lot of malware-related information to highlight some active botnets and possible relationships between various strains. Additionally, we provide details on two recently spun up malware campaigns that are making waves.

Cayosin gets a Tsunami of an Update

On February 3, 2019, we broke the news about an emerging botnet, Cayosin.


Spreading the flock culture

on February 19, 2019


Cybersecurity is a quickly evolving industry and is expected to grow to USD 300 billion by 2024. With such a rapidly progressing industry you find new players emerging; one of which is Perch – Perch Security (read with James Bond voice). Although the company is new to the industry, our star-studded lineup is far from it. We have our CEO alone who has a background in founding cybersecurity companies, creating regulations and compliance (including STIX), among many other contributions to the world of cybersecurity.


Tampa Bay Tech Leaders

Perchy on February 15, 2019


Perch Security breaks the mold in just about every way. Their branding is charming and funny – a far departure from the usual techy, serious branding of other threat intelligence companies. We spent an hour with Aharon at Perch HQ and spoke candidly about cyber threats, talent, and our tech community here in lovely Tampa. Discover the entire story.


Threat Report Thursday February 14th 2019

on February 14, 2019


Alright, what’s up this week? A vulnerability in all Intel chips opens the door for stealthy malware; container hosts beware, nothing is safe anymore; adware slays macOS Gatekeeper; and a new malware variant exploits your antivirus to steal data.

ROP-Roh, Shaggy

Researchers recently discovered a way to abuse Intel Software Guard eXtensions (SGX) enclaves to hide malicious code from security software. Intel SGX is a feature found in all modern Intel CPUs that allows developers to isolate applications in secure enclaves.


Release Notes

February 12, 2019


New
* App-wide organization picker
* New navigation and app layout
* Shared Perchybana dashboards and visualizations


Bugfix
* Fix issues with SecurityEventAlert mixed IP types
* Issues after intel migration
* Fix links to Perchybana
* Long sensor names can cause a 500
* Fixed timeouts on user registration/new user creation
* Restrict Custom date ranges to maximum of 90 days
* Fix invite codes to use the organization chosen in the dropdown


Release Notes

February 7, 2019


New
* MSSPs can now use Perch SLAs
* Enhanced performance for Perchybana
* Enabled Perchybana dashboards and visualizations


Bugfix
* Stability and performance improvements


Threat Report Wednesday February 6th 2019

on February 6, 2019


This week we learn about APT10’s modus operandi in Operation Cloud Hopper, how U.S. Cyber Command plans to respond to such foreign campaigns, GoDaddy DNS server’s wild ride with GandCrab, and 16 major RDP vulnerabilities.

More details on Stone Panda’s (APT10) Cloud Hopper

A cyber-espionage campaign targeting at least three companies in the United States and Europe between November 2017 and September 2018 was brought to light in data published by Recorded Future and Rapid7.


New Botnet Shows Evolution of Tech and Criminal Culture

Perchy on February 5, 2019


When botnet-as-a-service meets social media marketing, you have a threat poised to rapidly spread. That’s precisely what researchers have found in a quickly evolving botnet called Cayosin (Kay-OH-sin), which combines the most dangerous features of multiple previous botnets and makes them available to a broad audience at a low price. Get the full story.

