Insights

Insights & Analysis from the Prevailion Tailored Intelligence Team

Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead
Cyber- Photokeratitis Some Thoughts On The Events Associated with UNC2452 Like many who have worked in the threat research & intelligence, forensics, and incident response space some time, when I became aware of Fire...
On the Trail of UNC1878
Since October 28th, Prevailion has been investigating current and potential future victims of the ransomware crime group known as UNC1878. While our investigation is still underway, we have so far identified hundreds of ...
Prevailion Recognized as a 2020 Gartner “Cool Vendor”
We are pleased to announce that Prevailion has been named a Gartner Cool Vendor in the 2020 Cool Vendors in Security Operations and Threat Intelligence report. In the October 13th report, Gartner points out that “Organ...
Prevailion Increases Malware Coverage by 45%
...
Goblin Panda – One of the World’s Most Active APTs
When considering global threat actors and the impact these groups can have on different geographical regions and industries, we’d be remiss to not spend some time talking about Goblin Panda, considered by Prevailion to...
Ransomware as a Data Breach Decoy
Gone are the days of small-time cybercriminals using ransomware to earn a quick buck. Ransomware–and the criminals who use it–have certainly evolved. Though it initially made a name for itself as a tactic of ...
NEW Release – APEX Platform 4.6 Delivers Greater Fidelity on Confirmed Cyber Attacks and Threats
Prevailion is excited to launch six new features in its latest release of the APEX Platform, version 4.6. The features, outlined below, give organizations higher fidelity on real-time compromise activity empowering you...
A Note on the Trojan Compromise of NCR Corporation
Prevailion recently disclosed an active trojan compromise in the network of NCR Corporation. We at Prevailion are extremely pleased that NCR has taken this matter seriously, including the engagement of an elite IR team, ...
Masquerading as Card-Skimmers: Are Attackers Doing More with Magecart?
While Magecart is well known as a malware hacking groups use to inject card-skimming scripts into e-commerce platforms, Prevailion researchers have detected many compromises with Magecart that suggest the malicious actor...
Carnival Cruise Lines’ Long-Running Breach Problem
Carnival Corporation is back in the news again with another data breach. This time, the company disclosed in a recent 8-K filing that its network was compromised by an unnamed ransomware on August 15th which “encrypted...
Lower the Price Tag of a Data Breach with Threat Intelligence
Detecting and containing a data breach takes the better part of a year, approximately 280 days, for the average organization, according to IBM’s 15th annual Cost of a Data Breach Report, Unfortunately, the longer it ta...
How Auditors Can Make Compliance Programs More Effective
When conducting an audit of your cybersecurity plans, it’s important to reassess risk and evaluate whether established policies and procedures are both effective and actionable. To aid in cyber compliance, CSO Online s...
Tip of the Spear: Evidence of Breach and Breach Intelligence
Introduction For quite some time we at Prevailion have been speaking publicly to the nature of the differences between Prevailion and other vendors in the threat intelligence market, and for good reason. There are two ke...
Broken Security Promises and the Big Threat from Smaller Partners
When two companies are directly connected to each other, they need to believe that the other is doing all it can to shore up its defenses. What happens, though, when the relationship between two companies is distinctivel...
Human Fallibility: A Threat that Flows Through Your Entire Downline
Earlier this year Dark Reading published a six part series, “Cybersecurity and the Human Element: We’re All Fallible,” in which the authors examined common mistakes of end users as well as the potential repercussio...
What’s Missing in Third-Party Risk Assessments
Assessments are important. You’d be hard pressed to find any cybersecurity professional who would argue they aren’t needed, but the problem with third-party risk assessments is that they are far from comprehensive. U...
Ransomware Gangs Continue to Shame Victims
Everyone has something to hide. The beauty of that truth for hackers is that even if they don’t know their target’s dirty little secrets, they know that no one wants their secrets exposed. The mere threat of being pu...
An Apple A Day Won’t Keep Malware Away
When researchers at Independent Security Evaluators published its 2016 report, Hacking Hospitals, the idea that vulnerabilities in medical devices could result in patient harm seemed like a serving of FUD (fear, uncertai...
How Effective Are Your Security Investments?
According to the annual ESG survey, 60% of companies said they were targeted with a ransomware attack in 2019. Not surprisingly, those organizations are looking to augment their cybersecurity tools and processes. Defense...

Insights

Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead

On the Trail of UNC1878

Prevailion Recognized as a 2020 Gartner “Cool Vendor”

Prevailion Increases Malware Coverage by 45%

Goblin Panda – One of the World’s Most Active APTs

Ransomware as a Data Breach Decoy

NEW Release – APEX Platform 4.6 Delivers Greater Fidelity on Confirmed Cyber Attacks and Threats

A Note on the Trojan Compromise of NCR Corporation

Masquerading as Card-Skimmers: Are Attackers Doing More with Magecart?

Carnival Cruise Lines’ Long-Running Breach Problem

Lower the Price Tag of a Data Breach with Threat Intelligence

How Auditors Can Make Compliance Programs More Effective

Tip of the Spear: Evidence of Breach and Breach Intelligence

Broken Security Promises and the Big Threat from Smaller Partners

Human Fallibility: A Threat that Flows Through Your Entire Downline

What’s Missing in Third-Party Risk Assessments

Ransomware Gangs Continue to Shame Victims

An Apple A Day Won’t Keep Malware Away

How Effective Are Your Security Investments?

Contact Us

Recent Insights

Staring at the Sun: Thoughts on UNC2452, SUNBURST, SolarWinds and Road Ahead

U.S. Hackers have likely “gone to ground”

‘Most pristine espionage effort’ in modern history right under the US’s nose

TD Ameritrade – SolarWinds – Karim Hijazi’s Cybersecurity notes

About Prevailion