IronNet Blog
Executive commentary, threat research, and analysis from the IronNet team.

Proactive Intelligence Against Infostealers: Lessons from the Snowflake Data Breach
After major cyber attacks or data breaches, cybersecurity companies and professionals universally face the question, "How would you have detected or prevented this type of attack?" This week, the question is related ...

EDR-Killing Malware and the Need for Network Detection
A recent blog by Elastic Security Labs details GHOSTENGINE, a crypto miner that leverages an intrusion set (HIDDENSHOVEL) to disable endpoint security solutions (EDRs) on a victim host. While crypto miners may ...

IronRadar Reforged
What is IronRadar℠, and why is it important? Cybersecurity organizations are fighting a constant battle against threats across an evolving cyber landscape while being understaffed and facing constrained budgets. Traditional cybersecurity threat ...

Volt Typhoon Threat Report
Threat Overview On March 19, 2024, CISA, along with other participating agencies, released a joint Fact Sheet warning executive leaders in the critical infrastructure sector that Volt Typhoon has strategically pre-positioned itself ...

Back to School Reminder – Keep Your Mac Clean!
Key points from our research: Around early to mid-August, we noticed an increase in macOS malware detections, specifically AdLoad and UpdateAgent in IronDome, in the education sector. This timing correlates with students returning ...

‘::ffff’ only…Tips for identifying unusual network activity
Every now and then, a security team uncovers something only the Internet Engineering Task Force (IETF) can fully explain. During a review of network activity, our team noted unusual outbound web traffic ...

Who’s Listening? Securing Ports Within Your Network
Your house has several entrances—windows, doors, garage, maybe even your roof. These openings to your home are used for different purposes. Your door is used for foot traffic, the garage for ...

XDR Cannot Exist Without NDR
Threat detection and response remain a key priority for organizations as ransomware and data breaches continue to disrupt business operations. With multiple solutions known as EDR, NDR, and XDR, as well as ...

Investigating Undocumented Netcomms From Legitimate Chrome Extension
Early this month, IronNet analytics detected an unusual HTTPS connection between internal resources and 173.231.16[.]76 ...