1. Phind the Phish - Reducing Phishing Detection from Months to Minutes
    Wednesday, March 15, 2017
    Every day, attackers tunnel under, sneak through, go around, go over and squeeze past your security technologies. While you’re armed with more security tools than you can count, most of them are hiding a dirty little secret: They actually create more work for people, not less. Security teams are inu... READ MORE
  2. Widespread Exploitation Attempts Using CVE-2017-5638
    Saturday, March 11, 2017
    Many research teams have reported on their observations of exploits involving the use of the Apache Struts vulnerability CVE-2017-5638 since Cisco Talos published their post on Wednesday March 8. Fidelis Cybersecurity Threat Research is also seeing widespread activity and contrary to some reporting... READ MORE
  3. 5 Requirements for Stopping Modern Intrusions
    Thursday, March 9, 2017
    There’s a reason why airport security x-rays your bags. It’s because the only way you can tell if something is a true threat is to actually look at the contents. It’s the same with network security. The only way to prevent modern intrusions is to actually inspect the content on your network in real... READ MORE
  4. Modern Messaging OPSEC: Popular App Gives Scammers a Boost
    Thursday, March 2, 2017
    Modern messaging apps, many of which offer end-to-end encryption, are used every day by millions of people. These apps come with the expectation of privacy. However, we recently observed an interesting operational security issue involving one such popular messaging app, Telegram . We're posting our... READ MORE
  5. Understanding the SmokeLoader Downloader
    Thursday, February 9, 2017
    Downloaders and droppers (aka malware that delivers other malware) have been forced to live in the shadow of more famous stages of the exploit kit chain, like landing pages or the malware that's eventually dropped. One reason they are often overlooked and not analyzed as often is because they typica... READ MORE
  6. RSA 2017: Join Fidelis Cybersecurity in San Francisco
    Wednesday, February 8, 2017
    We're counting down the last few days to RSA 2017. As you pack your suitcase and map out your schedule, plan on joining us for a demo at Booth #933 . Stop by and say hello and grab your limited edition t-shirt. Here’s a quick rundown on where you can find us: RSA 2017 EXPO: Join Fidelis Cybersecurit... READ MORE
  7. Spying on GoldenEye Ransomware
    Thursday, February 2, 2017
    Producers of the 1995 James Bond film “GoldenEye” packed the plot with all the signature elements fans expect from the successful franchise. Over-the-top supervillain – check. Cool spy gadgets – check. Exotic locations – check. And, of course, 007 saves the day. The film was also slightly ahead of i... READ MORE
  8. Five Security Trends to Watch in 2017
    Thursday, January 26, 2017
    What does 2017 hold for security professionals and the industry as a whole? To answer this question, let’s take a quick look at what has not changed. For one, ransomware continues to be an effective extortion tool for attackers. They’re constantly honing their ability to use backdoors and rootkits t... READ MORE
  9. Revenge of the DevOps Gangster: Open Hadoop Installs Wiped Worldwide
    Wednesday, January 18, 2017
    Earlier this month, security news media reported attackers holding internet-exposed MongoDB and Elasticsearch databases for ransom. Attackers said they’d return the data if they got paid -- otherwise, the data would be erased. In many reported instances, attackers simply deleted the data. Unfortunat... READ MORE