Month: January 2020

APEX™ Report Insight

Prevailion’s first APEX™ Report demonstrates its unique visibility into the top compromised industries. Prevailion is an evolved solution for an evolved threat. We believe the next generation of intelligence that will lead businesses into a new era of security is Compromise Intelligence. This report shows the active compromises that organizations are up against.  

Microsoft Issues Excel Security Alert As TA505 Campaign Emerges

Research from cyber-intelligence outfit Prevailion suggests that TA505 has compromised more than 1,000 organizations. Organizations that include two U.S. state government networks, two U.S. airlines and one of the world’s top 25 banks.

TA 505 – Global Ransomware Criminals

Prevailion’s Tailored Intelligence Team has continued to follow an evolving threat actor group dubbed TA505 – a known cyber criminal organization that has likely been active since at least 2017, whose motives are speculated to be financial in nature. This group has been known to infect victims through business email compromise. Once a victim’s system is initially compromised, TA505 has been observed utilizing a wide variety of commercially available and custom remote access trojans. Upon gaining access, with a trojan in the network, they have been observed stealing sensitive financial data and in some cases deploying ransomware as recently as October of 2019.

Prevailion map image

What is Compromise Intelligence?

Compromise Intelligence is a new method of information gathering sourced from the activity surrounding networks with confirmed evidence of cyber compromise.

Q1 2020 Security Update: New Vulnerabilities Discovered, Cybercriminals Charged

New vulnerabilities put specific devices or systems at risk, US-CERT issues warnings about Dridex malware, and cybercriminals are charged and sentenced.

Tech Companies Take A Leading Role In Warning Of Foreign Cyber Threats

The U.S. government says it’s on high alert for cyberattacks from foreign countries in this election year. Yet private cybersecurity firms have often been the ones sounding the alarm, and in some cases, they are selling their services to the U.S. intelligence community.

Copyright 2021 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.