A Primer on North Korean Targeted Digital Attacks
As tensions rise between North Korea and the United States, Secretary of Homeland Security, John Kelly, proclaimed North Korea currently is a more probable cyber threat than a kinetic threat. Given...
Disarming Control Flow Guard Using Advanced Code Reuse Attacks
Advanced exploitation is moving away from ROP-based code-reuse attacks. Over the last two years, there has been a flurry of papers related to one novel code-reuse attack, Counterfeit Object-Oriented...
No Experience Required: Ransomware in 2017 and Beyond
Much to the chagrin of the computer security industry, business executives, and people around the world, ransomware had a banner year in 2016. Hospitals, mass transit systems, hotels, and government...
Cyber Attacks, Bots and Disinformation in the French Election
At least as early as February, France’s intelligence agency warned that Russia aimed to influence the presidential elections in favor of Front National candidate, Marine LePen. Throughout the spring,...
Augmenting Analysts: To Bot or Not?
Earlier this year, we announced Artemis, Endgame’s chat interface to facilitate and expedite complex analyses and detection and response within networks. Bots have been all the rage over the last few...
Don't (W)Cry, You've Got Endgame
Three of the most prominent attack trends in cybersecurity converged today: ransomware attacks, data dumps of nation-state offensive capabilities, and an emergence of the healthcare industry as a...
WCry/WanaCry Ransomware Technical Analysis
As we discussed Friday when this outbreak began, the WCry or WanaCrypt0r ransomware spread quickly across Europe and Asia, impacting almost 100 countries and disrupting or closing 45 hospitals in the...
A Majority of Americans Think Russia is More Dangerous Now than During Cold War
In 2012, when then-presidential candidate Mitt Romney suggested that Russia was one of the U.S.’s top geopolitical adversaries, most scoffed at the idea, including then-president Barack Obama who noted...
My job is to constantly think about cyber attacks — this is the first time...
I’ve spent nearly every moment of the past few years thinking about how to stop cyber attacks. And this is the first time I’ve been truly alarmed. Friday’s ransomware attacks that infected over 150...
So You Wanna Stop Ransomware? Detailing Endgame Ransomware Protection
Last week, WannaCry left its mark across the globe, affecting hundreds of thousands of machines in over 100 countries. While it certainly has been more widespread than previous ransomware, WannaCry is...
PM Theresa May Emphasizes Cybersecurity Changes to Combat Terrorism
Following the horrific attack in London this weekend, Prime Minister Theresa May’s response reinforced the tight interplay between virtual and physical security. May outlined four key changes for...
Hunting In Memory
Threat Hunters are charged with the difficult task of sifting through vast sources of diverse data to pinpoint adversarial activity at any stage in the attack lifecycle. To be successful, hunters must...
Four Ways Chatbots are Transforming Cybersecurity
As attacks become more targeted and unique, it’s critical that security teams are equipped with the tools required to stop attacks before information theft. Even if teams have the right tools, however,...
Five Ways to Build a Great Corporate Culture
Today, Endgame was named a ‘Top Workplace’ by the Washington Post for the second consecutive year. The award is based on a broad survey of people at our company and other companies, and so I'd like to...
Beyond Inside Baseball: Key Tech Trends Reshaping the Security Landscape
As an industry, security suffers from an inside baseball problem, generally focused on the technical minutiae and failing to translate it to the non-experts. This not only makes security inaccessible...
Catching Petya: How Endgame Protects Against Another Global Attack
Throughout the day, news spread of a ransomware attack hitting Europe and Russia, before making its way into the United States. By one estimate, it has already impacted tens of thousands of computers,...
Lessons from a Bake Off: A Data Intelligence Conference Readout
Capital One recently hosted the excellent Data Intelligence conference in northern Virginia. As a data scientist working in infosec, it was great to meet so many new people and old friends who were all...
Ask Me Anything: From Query to Natural Language
In our last post, we highlighted the design challenges we faced creating a chatbot for the security space. While the design considerations pose a significant challenge, equally daunting is building...
Ten Process Injection Techniques: A Technical Survey of Common and Trending...
Process injection is a widespread defense evasion technique employed often within malware and fileless adversary tradecraft, and entails running custom code within the address space of another process....
Corvil and Endgame: Boosting Security Analyst Productivity to Stop Targeted...
Author: David Murray, Chief Business Development Officer, Corvil
The time of solely providing a constant stream of security alerts is over. It has gone the way of the buggy whip, the mullet, and the...