1. The Security Consulting team here at Fidelis specializes in investigations of critical security incidents by advanced threat actors. Last week, after Guccifer 2.0 claimed responsibility for the intrusion into the Democratic National Committee’s (DNC) servers, we were provided with the malware …

  2. What can bad guys use to launch a ransomware attack, facilitate an email spamming platform, or ensure persistent access to an enterprise? Compiled malware and compromised credentials could work. But web shells provide an even more stealthy way to establish a beachhead and quietly hide on the net …

  3. One of the biggest challenges when you go shopping for new security tools is answering the inevitable question from finance: “What’s the value?” Determining the ROI of a new security product isn’t always an exact science. There are no hard and fast rules to follow – which is why generic …

  4. Fidelis Cybersecurity has been investigating a new variant of Ursnif, a family of trojans that captures and reports information about user activity back to the attacker. We recently observed the variant distributed in phishing runs designed to appear as legitimate banking-related emails. On infe …

  5. At InfoSecurity Europe in June, I will be showing a demonstration of what we call: “Attacker vs. Victim”, which uses real zero days, malware and tools to compromise a fictitious company and steal data. The purpose of this demo is to show executives, media and security practitioners what an ac …

  6. On May 12, 2016, Fidelis Cybersecurity witnessed an update to Vawtrak malware, a banking trojan, spread via an email campaign using subpoena- and lawsuit-related themes. The configurations observed in this campaign point to an attempt to harvest user credentials when visiting accounts on major f …

  7. The summer travel season is right in front of us. While the jungle may not be your intended destination, that’s exactly where you’re likely to find yourself. When you walk out the door with your smartphone and laptop, you become a high-value target. Your individual privacy and your employer …

  8. To follow up on the March report on the discovery of a 64-bit Linux variant of Derusbi used in the Turbo campaign, this post covers our analysis of two unique Windows variants of the Derusbi PGV_PVID malware. Derusbi has been widely covered and associated with numerous Chinese cyber espionage act …

  9. Here we go again. Stress levels are rising. Colleagues are in a panic and executives want answers now. Critical alerts suggest you’ve been compromised. The question is: Where did it happen? How did the attacker get in? Are any endpoints compromised? What’s the extent of the damage? What was …