RSA’s 2016 Message: Don’t Stop Believin’
This year’s RSA Conference seems to have found its way into mainstream press and non-technical publications, benefitting from the additional PR due to the ongoing Apple-FBI dispute. After hearing...
Endgame Tech Talks @ RSA: Adding Substance to Form
Last week, Endgame’s malware researchers and data scientists provided a welcome break from the chaos of the convention floor at RSA. Our four talks addressed the need for a multi-stage approach to...
What does Oman, the House of Cards, and Typosquatting Have in Common? The .om...
House of Cards Season 4 debuted on Netflix this past weekend, much to the joy of millions of fans, including many Endgamers. One particular Endgamer made an innocent, but potentially damaging mistake....
Counterterrorism-Cybersecurity Strategy Over Soundbites
Counterterrorism is not easy. Last week’s terrorist attacks in Belgium served as yet another horrific reminder of the complexity and intractability of counterterrorism (CT). Unfortunately, just as...
When Unicorns are the Majority: The power of positivity when it comes to...
From academia to government to now industry, I’ve never worked in a field with more than 20 percent women, and that is being very generous. That is why it felt extremely strange to sit in a large room...
Top 3 Requirements for Threat Hunting
With the SANS Threat Hunting Summit just days away, and adversary hunting gaining visibility across the industry, hunt is one of those terms that is frequently mentioned but not well-understood. What...
Improving Network Defense with the Big Picture of Cyber Intel
From the moment I stepped into the defensive computer operations (DCO) arena fifteen years ago, I noticed almost immediately an invisible but very real separation between DCO and its supporting...
The Power Law of the Digital Pen: Adding Fuel to the Fire of Social Change
Over five years ago, the Arab Spring demonstrated the power of the digital domain in facilitating political and social change. The role of social media – still relatively nascent globally at that point...
Shifting the Narrative to Attract More Talent into Security
When talking with women about the cybersecurity industry, we always ask, “What do you think of when you hear the term hacker?” The response invariably describes a young, shady, socially-challenged guy...
Your Package Has Been Successfully Encrypted: TeslaCrypt 4.1A and the Malware...
Introduction: Ransomware quickly gained national headlines in February after the Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 in bitcoins to regain access to its systems. Since...
Hunting on the Cheap, Part 1: The Architecture
As security approaches reliant on known indicators of compromise (IOCs) are increasingly failing, “assume breach” has become a common expression in the industry. Far too often, intrusions go undetected...
Hunting on Networks, Part 2: Higher-Order Patterns
In the first part of the Hunting on the Cheap series, I discussed the importance of passive DNS in an adversary hunting toolkit. I detailed how an organization can set up sensors to collect passive DNS...
Hunting on the Cheap, part 3: Hunting on Hosts
In our previous posts, we focused on hunting on the cheap by collecting and analyzing data on the network. However, hunting on networks is not the only option. In fact, a richer set of data to find...
The Real “Weakest Link” In Security Isn’t What You Think: Why We Should...
It’s an all-too familiar story: A company reports a data breach, and there’s an immediate blame game. Inevitably, we point the finger at humans — the person who responded to that phishing email (a fake...
Digital Sovereignty: Multi-Stakeholder vs. Beggar-Thy-Neighbor Digital Futures
What do Yeti, ICANN, and BRICs have in common? They are emblematic of the growing international jockeying for power to shape the global digital order. Absent a global cyber regime, nation-states...
Hunting Your Adversaries with Endgame Enterprise: Meet Us at Gartner
Endgame was at the Gartner Security & Risk Management Summit in 2015 showing Endgame Enterprise, the industry's first endpoint detection and response platform to hunt, contain, and eliminate...
Build Safer Programs Faster with OCaml
For many internal prototypes at Endgame, we adopt an agile development process to rapidly build proof-of-concept services which can then be deployed and reiterated upon to quickly address bugs and...
Hacker's Guide to (Not) Having Your Passwords Stolen
Online credential theft has exploded in the past several years. This month alone, numerous breaches have affected millions of users of high profile websites such as LinkedIn, MySpace, vk.com, and...
Detecting Modern Adversaries: Why Signatures Are Not Enough
Cyber intrusions are continuing unabated with no end in sight. Ransomware is on the rise, massive data breaches are announced with such regularity that the public is becoming numb to their...
ROP is Dying and Your Exploit Mitigations are on Life Support
Too often the defense community makes the mistake of focusing on the what, without truly understanding the why. This mindset often leads to the development of technologies that have limited...