A Lamb Amongst the Sheep
We were recently invited, and gladly accepted, to participate in the first round of NSS Labs Endpoint Detection and Response (EDR) testing. We are very proud to have …
Investigating Privilege Elevation on Linux
Manually calling patients to remind them of their appointments is a significant time-drain for your staff. The last thing a medical office needs is for one of its essential medical …
Insider Threats
The increasing connectivity and openness of today’s information systems often lets cyber-attackers find ways into a system across many different paths. Data from the …
Detection of Privilege Elevation by Malware on Linux
One of the hallmarks of targeted cyber attacks is to seek, from an execution toehold on a host, to increase its computational privileges in order to assert greater control of the …
How To Test Malware Detection Capabilities
The idea of verifying our system's detection capabilities comes from a software quality perspective. More specifically, we aim to verify that the overall system is able to detect …
Defending From Endpoint Agent Disablement Cyber Attacks
When actively monitoring endpoints to detect signs of cyber attacks, preserving visibility through the endpoint sensor is crucial. A likely attack scheme for malware stops the …
Process Hollowing Analysis For Malware Detection
Following a webinar hosted by my colleague Justin Seitz two weeks ago, we discuss here the detection of process hollowing, and how this capability may help in detecting ongoing …
Some Freedom In Your Virtualization Solution, Using QEMU
Virtual machines are a very common practice nowadays, for reasons ranging from emulation to sandboxing. But when it comes to virtualization platforms, which solutions are there? …