The Global Trend Toward Cyber Sovereignty
Last month, as much of the world’s attention was elsewhere, the Chinese government announced their new cybersecurity law. While the new law ostensibly was adopted to increase security, a range of...
View ArticleToday's Statement on Russian Hacking in Context
On October 7, 1996, the Pentagon publicly attributed – without repercussions – a vast digital data breach and espionage to the Russians, later dubbed Moonlight Maze. Fast forward twenty years to the...
View ArticleReflections on Grizzly Steppe
On December 29, 2016, the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint analysis report (JAR) detailing, in their words, “tools and...
View ArticleClik here to view.
Dude! Where's my Ransomware?: A Flare-On Challenge
There are many tricks to the tradecraft when analyzing unknown binaries, and it requires constant honing of skills to stay on top of the latest malware and campaigns. Solving reverse-engineering...
View ArticleClik here to view.
Artemis: An Intelligent Assistant for Cyber Defense
You’ve used them for directions, to order pizza, to ask about the weather. You’ve called them by their names Siri, Alexa, Cortana... You speak to them like you know them, like they can understand you....
View ArticleClik here to view.
A CSO’s 2017 Playbook for Effective Security (Infographic)
Cybersecurity today is in a state of failure and CSOs are scrambling to keep up. Organizations spent $75B in the US last year on security products and services, representing 11% of total spending on...
View ArticleClik here to view.
Designing the Intelligent Assistant: Part 1, Design Principles
As we enter 2017, there has been one particular user experience (UX) trend that designers can no longer ignore: chatbots.While some debate their practicality, others believe it to be the internet’s...
View ArticleClik here to view.
Cybersecurity Interrupted
Last night, in collaboration with Foreign Policy Interrupted, we hosted a discussion addressing the key geopolitical trends and challenges in cybersecurity. We were fortunate to have a great group of...
View ArticleEndgame and Morphick: Closing the Gap in Advanced Cyber Threat Response
In my recently released book Facing Cyber Threats Head On, I spend a lot of time discussing how contemporary cyber security is just as much about stopping people (the attackers) as it is about stopping...
View ArticleWorld, Meet MalwareScore
Sharing ideas, tools, and techniques among our community of defenders makes everyone sharper and safer. To that end, we previously received third party certification, joined AMTSO, have published and...
View ArticleThe RSA Keynote & A Call for Digital Norms
Yesterday’s RSA keynote by Brad Smith, Microsoft’s President and Chief Legal Officer, has the industry finally buzzing about the creation of global digital norms. In his accompanying blogpost, “The...
View ArticleClik here to view.
Lessons from the Trenches: Obfuscation and Pattern Recognition
Code deobfuscation and pattern recognition are as much an art as a science. In the past, we’ve talked about automating many aspects of proactive detection, such as through delta analysis, scripts, or...
View ArticleClik here to view.
The Chakra Exploit and the Limitations of Modern Cyber Security Threat...
Last November, Microsoft released a security update for Microsoft Edge which included patches for vulnerabilities CVE-2016-7200 and CVE-2016-7201, which were discovered by Google Project Zero. Earlier...
View ArticleClik here to view.
Dropping AtomBombs: Detecting DridexV4 in the Wild
Banking trojans have been around for years, but gained greater visibility in 2015 and into 2016 as they moved from targeting European banks to American banks. We previously discussed the Odinaff...
View ArticleElevating the Voice of Women in Security
Political psychologists are exploring whether efforts aimed to increase awareness of women’s under-representation in politics make women less likely to seek public office. Security seems to be in the...
View ArticleWhats Next for the Cybersecurity Community (Video)
Endgame CEO Nate Fick provides a keynote at the 2017 New America conference to discuss what the cybersecurity industry and federal government need to collectively accomplish to protect against...
View ArticleClik here to view.
Protecting Against Shamoon 2 and Stonedrill: In the Crossfire of Geopolitics...
At the end of January, Saudi Arabia’s telecom authority issued an alert warning about Shamoon 2, a wiper malware that hit several organizations, including three government agencies and four private...
View ArticleThe Deterrence Failure in Cybersecurity (Video)
Video of Endgame CEO Nate Fink: Deterrence Failure in Cyber | Mad Money | CNBCListen in to hear an interview with Endgame CEO Nate Fick and Jim Cramer of CNBC Mad Money. Nate discusses everything from...
View ArticleClik here to view.
Reverse Engineering Malware 101 Workshop
Reverse engineering already sounds like black magic, when in reality it simply entails lots of practice and strong foundations in computer science concepts. Think of it like learning a new language....
View ArticleHow To Maintain A Strong R&D Culture
As we see deals between companies like Symantec and Blue Coat, IBM and Resilient Systems, and Carbon Black and Confer, it’s clear that the security market is consolidating. As more security companies...
View Article