Beyond the Buzz: Integrating Big Data & User Experience for Improved Cyber...
by Andrea Little Limbago
Big Data and UX are much more than industry buzzwords—they are some of the most important solutions making sense of the ever-increasing complexity and dynamism of the...
See Your Company Through the Eyes of a Hacker: Turning the Map Around On...
Today, Harvard Business Review published “See Your Company Through the Eyes of a Hacker: Turning the Map Around On Cybersecurity” by Endgame CEO Nate Fick. In this piece, Nate argues that in order for...
Data-Driven Strategic Warnings: The Case of Yemeni ISPs
by Andrea Little Limbago
In 2007, a flurry of denial of service attacks targeted Estonian government websites as well as commercial sites, including banks. Many of these Russian-backed attacks were...
Meet Endgame at RSA 2015
Endgame will be at RSA 2015! Stop by the South Hall, Booth #2127 to: Get a product demo. Learn more about how we help customers instantly detect and actively respond to adversaries. Learn from our...
Git Hubris? The Long-Term Implications of China’s Latest Censorship Campaign
by Andrea Little Limbago
Last Friday, GitHub, the popular collaborative site for developers, experienced a series of distributed denial of service (DDoS) attacks. The attacks are the largest in the...
Endgame Participates in Tough Mudder Benefitting Wounded Warrior Project
On April 20, over thirty Endgame employees, family members and friends participated in the Mid-Atlantic Spring 2013 Tough Mudder, supporting the Wounded Warrior Project. Funds raised for the Wounded...
Microsoft Win32k NULL Page Vulnerability Technical Analysis
Vulnerability Research Overview Endgame has discovered and disclosed to Microsoft the Win32 NULL Page Vulnerability (CVE-2013-3881), which has been fixed in Microsoft’s October Security Bulletin,...
Storm Metrics How-To
Big Data If you have been following Storm’s updates over the past year, you may have noticed the metrics framework feature, added in version 0.9.0 (New Storm metrics system PR). This provides nicer...
Android Is Still the King of Mobile Malware
Malware, Mobile Security According to F-Secure’s “Q1 2014 Mobile Threat Report”, the Android operating system was the main target of 99% of new mobile malware in Q1 2014. The report states that between...
Verizon's Data Breach Investigations Report: POS Intrusion Discovery
Malware, Threat Intelligence Verizon recently released its 2014 Data Breach Investigations Report. I could spend all day analyzing this, but I’ll touch on just one issue that’s been on many of our minds...
DEFCON Capture the Flag Qualification Challenge #1
Vulnerability Research I constantly challenge myself to gain deeper knowledge in reverse engineering, vulnerability discovery, and exploit mitigations. By day, I channel this knowledge and passion into...
Telecom as Critical Infrastructure: Looking Beyond the Cyber Threat
National Security Much of the discussion around cyber security of critical infrastructure focuses on the debilitating impact of a cyber attack on a country’s energy, economic, and transportation...
Blackshades: Why We Should Care About Old Malware
Malware “Blackshades is so 2012” is the near response I received when I mentioned to a friend the recent FBI takedown of almost 100 Blackshades RAT dealers. This nonchalant, almost apathetic attitude...
DEFCON Capture the Flag Qualification Challenge #2
Vulnerability Research This is my second post in a series on DEFCON 22 CTF Qualifications. Last time I examined a problem called shitsco and gave a short overview of CTF. This week, I’d like to walk...
How to Get Started in CTF
Vulnerability Research Over the past two weeks, I’ve examined two different problems from the DEFCON 22 CTF Qualifications: “shitsco” and “nonameyet”. Thank you for all of the comments and questions....
Cyber and Strategic Landpower: Three Big Questions
Cyber Warriors, National Security Yesterday, I was the tech company voice on a panel with senior military officers, including LTG Edward Cardon, commander of the U.S. Army Cyber Command. Our topic was...
Technical Analysis: Binary b41149.exe
Malware In keeping with the theme of my previous post, “malware never truly dies – it just keeps on compromising”, today I’d like to investigate a binary that surfaced a couple of months ago. While the...
The Great Divide: Closing the Gap in Cyber Analysis
National Security In 2010, General Michael Flynn co-authored a report entitled Fixing Intel critiquing the threat-centric emphasis within counterinsurgency intelligence analysis. The report, which made...
Analysis: Three Observations About the Rise of the State in Shaping Cyberspace
National Security Last month commemorated the 100th anniversary of the start of World War I. It was a time when states were so interdependent and borders so porous that some call it the first era of...
Time Series Analysis for Network Security
Data Science Last week, I had the opportunity to attend a conference that had been on my radar for a long time. I’ve been using scientific Python tools for about 10 years, so it was with great...