By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team   Figure 1: Moanacroner Establishes Persistence After Initial Cloud YARN/Hadoop Infection Using Crontabs   Introduction In recent months, we have been observing an increase in the number of automated attacks targeting exposed cloud infrastructure/Hadoop/YARN instances. Some of the attacks we...

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team Updated November 6, 2018   Figure 1: Magecart modernizr-2.6.2.min.js Obfuscated Formgrabbing Payload from British Airways Attacks   Introduction The data breach suffered by British Airways earlier this year affected around 380,000 customers and resulted in the theft of customer data...

Suspicious activity on the endpoint is usually an indicator that a larger cybersecurity threat or attack is occurring. Your users are continually targeted by various attacks–phishing, malicious websites, session-based attacks and more—that end up playing out on the endpoints inside your organization. While understanding anomalous behaviors on your endpoints is...

Data breaches continue to grow at a rampant pace. According to the 2018 Verizon Data Breach report, there were over 53,000 incidents and 2,216 confirmed data breaches in 2017. The report goes on to say that the time to compromise continues to be very short - within seconds or minutes....

By Nitin Agale, Senior VP of Products for Securonix Your endpoints are a valuable part of your enterprise structure. They are the computers your employees use and the servers your company depends on. Defending your endpoints is important, but it’s critical that your endpoint defense is just one part of your...

Learn about how Umesh Yerram, chief data protection officer at AmerisourceBergen uses Securonix Next-Gen SIEM to build their Security Operations Center.  

The Securonix Customer Excellence Awards     The Securonix Customer Excellence Awards recognize forward thinking security leaders who are demonstrating a long-term vision to elevate the role and impact of security in their organizations, and have implemented cutting edge cybersecurity solutions to realize this vision. The Securonix Cybersecurity Excellence Awards...

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team Figure 1: Document with Malicious VBA Macro used in Osiris Germany Campaign   Introduction The KRONOS malware was first discovered in June 2014 as a Banker Trojan available for purchase in a Russian underground forum for $7,000 [1]. After staying...

By Igor Baikalov, Chief Scientist, Securonix In his January 31 article in Dark Reading titled “5 Questions to Ask about Machine Learning” Anup Gosh proposes 5 questions consumers should ask in order to separate marketing hyperbole from technical reality. The questions Gosh proposes are all good points that you should...

By Oleg Kolesnikov, Securonix Threat Research Team Figure 1: Cosmos Bank in India US$13.5 Million SWIFT/ATM Cyber Attack of August 2018 [1]   Introduction The Securonix Threat Research team recently learned of a new high-profile cyber attack targeting SWIFT/ATM infrastructure of Cosmos Bank (COSDINBB), a 112-year old cooperative bank in...