Ransomware: what is it, and why should your organization be concerned?

Businesses of all sizes can be a target for ransomware attacks. Small business owners might think a hacker will ignore their organization in favor of a larger company with more data. In fact, small businesses are the low-hanging fruit of cybercriminals everywhere. This is partly because small-to-medium business owners think “it won’t ever happen to […]

Identifying Threats: Why Behavior Matters

Attacker methods are evolving. Join us for an upcoming webinar to learn why cybersecurity teams must identify and track suspicious behaviors and patterns to stay a step ahead.

SOC Alert! Uptick in Ursnif Distribution

Binary Defense has noticed a recent uptick in Ursnif distributed using Reply-Chain attacks and password-protected .zip files across multiple clients. Inside the .zip files are documents containing macros which execute and reach out to an Ursnif distribution server to download the payload. The Reply-Chain attacks are carried out by infecting one victim, accessing their emails, locating […]

TrickBot: Ono! New Tricks!

During the past few weeks, my team and I (The Binary Defense Security Operations Center Threat Hunters) have been tracking a TrickBot gtag that has been behaving differently compared to the other TrickBot gtags. In those weeks, we observed differences in its: Distribution; Runtime; Post-infection. High-level TrickBot Exploitation Flow. TrickBot’s actions in runtime. Let’s look […]

Don’t Fall Victim to Wire Transfer Fraud: Tips to Stay Safe

Hackers employ a multitude of methods in order to gain access to a company’s data, but at the end of the day, they are looking for the fastest route to payday. One such method is known as a wire transfer scam. This scam has been around for a while; you’ve surely heard of the famous […]

Phishing Financial Firms is Big Business

Cyberattacks on financial institutions in the US occur at the staggering rate of approximately 30 times per second. The reality is that while major news outlets report on wide-scale breaches such as the 143 million US resident records accessed in the Equifax breach, countless other successful breaches happen daily that don’t earn national headlines. Information security […]

Secure Your Site(s): Avoid SSL/TLS Certificate Expiration

Not too many years ago, a few websites began adding an extra layer of security in the form of Secure Sockets Layer (SSL) certification. Today, most legitimate business sites are sure to have SSL certificates installed. Many of the SSL certificates installed and available today are actually Transport Layer Security (TLS) certificates, although they are […]

Gh0stCringe (Formerly CirenegRAT)

Gh0stCringe Malware communicating its login packet to my server

Since early December 2018, I’ve been seeing a new type of Gh0stRAT-like malware being distributed over SMB. This sample has been dubbed Gh0stCringe by @James_InThe_Box on Twitter. While the network communications of this new malware are very similar to those of Gh0stRAT, there are some key differences: Instead of the use of Zlib compression on […]

Credential Stuffing…A Side Effect of Data Breaches

Credential stuffing is a type of brute force cyberattack which uses automation in an effort to gain unauthorized access to systems around the world… and it all starts with a simple data breach. Data from One Breach Poses Risks to Additional Systems: An alarming number (almost half) of people use the same or similar password across […]

Protect Yourself from Password Spraying Attacks

Password spraying attacks are just one method hackers use to gain unauthorized access to systems around the world. The technique itself is not complex, and a simple online search turns up instructions even cyber-novices can follow. While the attack is relatively simple and should be easy to defend against, it is effective, and it continues […]

AT&T Cybersecurity Names Binary Defense Global Partner of the Year

Binary Defense™—a leading cybersecurity firm in Endpoint Detection and Response, SOC-as-a-Service and Counterintelligence—was named AT&T Cybersecurity’s (formerly AlienVault) 2018 Global Partner of the Year. Binary Defense had been named Global Partner of the Year in 2016 and returned to the top spot in 2018 by delivering 100% year-over-year growth. Binary Defense teams with AT&T Cybersecurity […]

Binary Defense Expands Security Operations Center in Stow, Ohio

Binary Defense™—a leading cybersecurity firm in Managed Endpoint Detection and Response (M-EDR) now with built-in Endpoint Platform Protection (EPP)—has opened a new state-of-the-art facility in Stow, OH. The new location at 600 Alpha Parkway will serve as the operations hub for the 5-year-old cybersecurity company, benefiting Binary Defense customers by offering an expanded Security […]