-
- 07/31/2017
- Cyber Hunter
Banking Keylogger leverages EmpireShell Framework
Introduction: In the beginning of July 2017, ActiveCanopy Cyber Operations Center was called to support an incident response for a healthcare network system. During the incident response, a malicious file was identified on a compromised host on the network system. After some investigati...
-
- 06/02/2017
- Cyber Hunter
Hackers Favorite Phishing Spot
The growth of phishing attacks in both frequency and sophistication continues to be a high threat, with tradecraft showcasing deceptive, spear, and fraudulent techniques in one campaign. These cyber criminals have adapted to recognize user behavior, luring those in organizations that must con...
-
- 06/01/2017
- Cyber Hunter
May QBot Persistence and Attack Details
Introduction: In May 2017, ActiveCanopy's Cyber Operations Center was contacted to support and investigate an incident of an enterprise network of over 7,500 hosts at a non-profit organization. Subsequent analysis determined that the incident was an ongoing infection affecting o...
-
- 01/31/2017
- Cyber Hunter
Do We Need Cyber Orchestration For My Organization?
Are you a company that has access to the internet? Check. Are you a company that doesn't have access to the internet? Check. Yes - you need cyber orchestration... That was pretty easy... No really, organizations today commit to an anti-virus (AV) license fee ...
-
- 01/05/2017
- Cyber Hunter
Is Your Organization Protected with Your Anti-Virus Subscription?…Think Again.
Being a part of several incident responses across the country provides unique insights into how businesses operate from an information security perspective. Bottom line: the commercial space is very reactionary. 'If a problem is not right in front of me, then why do I want...