Category: Articles
by Will Gragido, Chief Strategy Officer – Prevailion, Inc. Intelligence analysis is dependent upon many things not the least of which are collections and access to data (e.g., pcaps, logs etc.) sourced from within the network. Prevailion affords its customers the ability to view intelligence related to real state of compromise outside the network’s perimeter. […]
By Sanjay Raja, VP of Marketing Prevailion, Inc. Previous Generation Intelligence and Adversary Hunting A subset of Threat Intelligence or even Threat Hunting using Intelligence called Adversary Intelligence or Adversary Hunting is nothing new. Traditional threat intelligence has focused on Identifying and documenting newly discovered threats Identifying Threat Actor Tactics, Techniques, Procedures (TTPs) Delivering insights […]
Among the many malware families wreaking havoc for Windows users is Agent Tesla, a keylogger, information stealer and spyware that was first discovered in 2014. According to MITRE ATT&CK, Agent Tesla has employed various techniques ranging from collecting account information from a victim’s machine to using HTTP and SMTP for C2 communications. It can steal […]
The Associated Press recently reported that email addresses of top DHS officials had been compromised as part of the massive SolarWinds hack. According to a DHS spokesperson, “a small number of employees’ accounts were targeted in the breach” and the agency “no longer sees indicators of compromise on our networks.” But what does that actually […]
by Will Gragido – Chief Strategy Officer, Prevailion What You Need and Why You Need It Target intelligence is intelligence that is derived from a unique tradecraft driven counterintelligence approach that empowers security teams with immediately actionable evidence of compromise (EoC). An uncommon capability whose time has arrived after decades of failed promise and often bitter […]
Banking Trojans are a dime a dozen, making it difficult to keep track of the myriad ways that an adversary can drop a payload. We recently wrote about Ramnit, a Trojan botnet, which has evolved over time. Similarly, another Trojan targeting the financial sector, IcedID, also known as BokBot, was discovered in 2017 by IBM […]
