Technology Archives - Binary Defense

Advice for Defenders Responding to the log4j Vulnerability CVE-2021-44228

Binary Defense Security Operations, Engineering, and Threat Hunting analysts have been working alongside our clients and our friends in the infosec community to mitigate the threat to organizations as a result of the critical Apache log4j vulnerability that is actively being exploited by threat actors. We are especially thankful for our colleagues at TrustedSec, who […]

Ransomware: what is it, and why should your organization be concerned?

Businesses of all sizes can be a target for ransomware attacks. Small business owners might think a hacker will ignore their organization in favor of a larger company with more data. In fact, small businesses are the low-hanging fruit of cybercriminals everywhere. This is partly because small-to-medium business owners think “it won’t ever happen to […]

SOC Alert! Uptick in Ursnif Distribution

Binary Defense has noticed a recent uptick in Ursnif distributed using Reply-Chain attacks and password protected .zip files across multiple clients. Inside of the .zip files will be documents containing macros which execute and reach out to a Ursnif distribution server to download the payload. The Reply-Chain attacks are carried out by infecting one victim, accessing their emails, locating […]

Using Sysmon and ETW For So Much More

Recently the team over at Microsoft’s SysInternals team Mark Russinovich and Thomas Garnier landed a new version of Sysmon v10 which adds a new event ID type Event ID 22 (DNS). If you are not familiar with Sysmon, it’s a free tool from Microsoft which incorporates a number of enhanced events from the operating system, […]

Binary Defense Software Developer Uses Programming Expertise to Help Injured Veteran Regain Mobility

Many Binary Defense employees are involved in their communities, using their skills to give back or to educate their neighbors about cybersecurity. Binary Defense Senior Python Developer Ilya Gotfryd recently gave his time to a very worthy cause. In conjunction with a group called Challenge America, Ilya and a team of volunteers helped develop a […]

Gh0stCringe (Formerly CirenegRAT)

Since early December, 2018, I’ve been seeing a new type of Gh0stRAT-like malware being distributed over SMB. This sample has been dubbed Gh0stCringe by @James_InThe_Box on twitter. While the network communications of this new malware is very similar to that of Gh0stRAT, there are some key differences: Instead of the use of Zlib compression on […]

Credential Stuffing…A Side Effect of Data Breaches

Credential stuffing is a type of brute force cyberattack which uses automation in an effort to gain unauthorized access to systems around the world…and it all starts with a simple data breach. Data from One Breach Poses Risks to Additional Systems An alarming number (almost half) of people use the same or similar password across […]

Threat Intelligence: iOS Bug Gives Unauthorized Access to User’s FaceTime Audio and Video

A bug in Apple devices running iOS 12.1 or later could leave users open to eavesdropping through Facetime. When it was initially reported, audio was believed to be the only piece affected but now it is known to give access to the front camera as well. The bug begins to work when a user is […]

Threat Intelligence: Nine Adware Apps Discovered on Play Store

Unwanted ads are being hidden within nine apps found on the Google Play Store and have been flooding users’ devices. One of the apps has already been downloaded five million times while the total of the nine apps is nearly eight million globally. These apps are non-functioning and are placed specifically to deploy adware in […]

Binary Defense and Ingram Micro Announce Strategic Distribution Relationship

Binary Defense™—a leader in Managed Endpoint Detection and Response (EDR) now with built-in Endpoint Platform Protection (EPP)—today announced it has entered into a distribution relationship with Ingram Micro Inc., a global force in technology solutions, mobility, cloud, and supply chain services. The relationship will add significant value to customers by more easily addressing specific regional […]

EvilOSX

On February 14th, 2018, a new variant of an OS X RAT called “EvilOSX” has appeared on Github. A RAT (Remote Access Trojan) is a type of malware designed to control the infected system remotely. With 21 code changes in the 9 days since its initial release, it appears to be under active development. EvilOSX […]

Social Media: The Overlooked Critical Infrastructure of Chinese Manufacturing

It is no doubt that social media has a hold on people around the world, but it has an especially mesmerizing effect on the factory workers of China’s migrant manufacturing towns. In a number of formerly rural communities, China has set up large manufacturing towns which have begun to fill with migrants from the countryside […]

12 Essentials for a Successful SOC Partnership

Cyber War: Hackers’ Transformation from Cyber Criminals to Hacktivists

The war in Ukraine and its impact on how China views Taiwan

A Day in the Life of a SOC Analyst

Tag: Technology