Securonix Threat Research: Cryptojacking Attacks

Securonix Threat Research: Cryptojacking Attacks

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team   Figure 1: Persistent Cryptomining Jex Boss Initial Foothold Payload - Repeated Payload Execution Attempts   Introduction Cryptojacking is the unauthorized use of someone else’s computer to secretly mine cryptocurrency (also known as virtual or digital currency). According to a...

Securonix Threat Research: SamSam Ransomware Detection Using Security Analytics

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team   Figure 1: SamSam Jex Boss exploitation Introduction SamSam is a prevalent ransomware that has been observed across multiple industries including healthcare, government, and critical infrastructure/ industrial control systems (ICS) in 2016, 2017, and 2018. Earlier this year, the ransomware...

User And Entity Behavior Analytics in 2018

We’ve all seen big data breaches in the news. We also know there are many more breaches that did not make it into the evening news. The insider attack vector - whether it is a malicious insider, an unsuspecting compromised employee, or accidental misuse, is a common theme across most...

Ch 5 – Feature Engineering: Science or Art?

Authors: Securonix Labs Introduction Feature Engineering is the process of selecting and extracting useful, predictive signals from data. The goal is to create a set of features that best represent the information contained in the data, producing a simpler model that generalizes well to future observations. Methods range from statistical...

Don’t Fall Prey To The Next Ransomware Outbreak

Over the last couple of years, we have seen the emergence and rapid rise of ransomware as an extremely potent cyber attack. We have observed, and written about attacks like Bad Rabbit, NotPetya, and WannaCry. As businesses increasingly rely on digital systems, networks, and data for operations, the value of...

Seven Things You Need To Know About GDPR

The General Data Protection Regulation (GDPR) is around the corner. Here is what you need to know before the compliance deadline. 1. GDPR is a result of the European Commission's effort to revamp how businesses protect data in order to make Europe ready for the digital age. The exercise took...

Securonix Threat Research: Spectre and Meltdown Vulnerabilities

By Oleg Kolesnikov, Securonix Threat Research Team Introduction Securonix Threat Research Team (STR) has been actively investigating the details of the Spectre and Meltdown Side-Channel Information Disclosure Vulnerabilities since last week to help our customers mitigate/respond to the vulnerabilities. Below is a summary of what we currently know about the...