Channel: Fast Horizon
Browsing latest articles
Browse All 32 View Live

Malware Persistence in the Cloud

The cloud is certainly going to change some things about malware infection. When a desktop is reset to clean state every time an employee logs in, you now have to wonder how malicious attackers are...




Cyber Conflict and State Power

There has been a rapid change in the global security paradigm. Cyberspace has fundamentally changed the stability between state and society. New conflict groups are not tied to any one state. There is...


Rootkit Evolution

Over the last few years HBGary has researched significant advancements in rootkit technology. We are pushing the envelope of what’s possible in the Windows kernel. I’m glad to say that we haven’t seen...


Two new threat intelligence papers CSO's will want to read

Industrial Espionage in the Global Energy Market Since 2005, HBGary has been tracking variants of malware created and originated in China that indicate a complex cyber espionage operation targeting...


Is APT really about the person and not the malware?

Maybe the “APT is person not malware” pendulum is swinging to the extreme. Understandably it’s a response to commercial enterprises being obsessed with pure-play malware detection. But what is the...



Stop PDF Exploits Cold

I’m happy to announce that HBGary has released another free tool, similar to the Aurora scanner and the Chinese RAT catcher tools we released in past months. This one isn’t looking for malware,...


A Brief History of Physical Memory Forensics

Lately, we have been doing a lot of work around physical memory forensics. Recently, we released the free, community edition of our Responder™ product and plan to release the fourth generation of our...


Changing APT Tactics: Remote-Access Tools vs. Stolen Credentials

Advanced Persistent Threats (APT) are adaptive, their tactics will cycle after an intrusion takes place. For example, an APT group may start to lean away from RATs (remote-access tools) and rely more...


Scripting with Responder™ Community Edition

One of the most powerful features of Responder (all three versions, including the free Community Edition) is the ability to write custom plugins. The entire application is basically a GUI over an API....


Asymmetric Warfare and Cyber Terrorism

In the newly released document, “DoD Strategy for Operating in Cyberspace”, the Pentagon states that “while the threat to intellectual property is often less visible than the threat to critical...


Command Line Programming with Responder PRO

One little known feature of HBGary’s Responder product is that it ships with the full source code to a command-line version. This command-line version of the product can be customized for automated...


Shady RAT is Serious Business

Ira Winkler makes some interesting points in his CIO article on Shady RAT. I tend to agree with his observation that security vendors spend too much energy infighting when we all should be facing a...


Inside an APT Covert Communications Channel

Note: I shortened the title of the post from "Inside an APT “Comment Crew” Covert Communications Channel" to "Inside an APT Covert Communications Channel". To be clear, multiple threat groups are using...



Social Terrorism

Social networking does something to people, intoxicating them with near-zero accountability for impulsive behavior protected under a banner of free speech. Fierce defenders of the social media...


APT - The Plain Hard Truth

The survivors from the front line have reported in. We stand on the ridge, a tangled mess of bodies behind us. We are the ones who have chased the demon, descending into the binary pit the users call...


Detecting APT Attackers in Memory with Digital DNA™

HBGary’s Digital DNA™ system is an alternative to traditional signature-based approaches to detecting malicious backdoors. While the “APT is not Malware” mantra is common, APT commonly use malware. To...


The Changing Face Behind the Keyboard

At my recent RSA presentation, I talked about the evolution of cyber threats over the last decade and the slowly shifting goals and intent of the hacking groups behind them. Most of us remember the...


Weaponization of Cyberspace

The weaponization of cyberspace started with the advent of criminal enterprise, and over time has enabled cyber warfare for a mass audience. Some of the best exploitation technology was created for...


On Precision and Big Data

Most true-positive threat detection is rule based. We use our powers of perception and analysis to find patterns in the data. This is effective because threat behavior is highly repetitive. One can’t...


The script kiddie is dead

SQL attacks are pervasive; the result is leakage of credentials. Millions of username/email + password pairs have been stripped out of compromised SQL servers and posted into public spaces. Thus,...


What is Cyber?

As a term, Cyber has a broad spectrum.  It has been applied to subjects ranging from low voltage microchips to international law.  In the context of security, when does it apply? Consider a situation...



The network perimeter has been turned inside out

The CISO needs to understand that modern cyberspace is turning the perimeter model inside out. Cloud and social applications have accelerated adoption in the Enterprise, but their protocols are...



Silk Road for Zero Day

I had to be amused after hearing about the TheRealDeal, a Silk Road for 0-day. First, that there really isn't anything illegal about selling a zero day - but I can understand the concerns about...


Creepy Dystopian Reality mirrors Cyber Fiction

Somewhere downstream from the economic churn of the cyber affluent, layers of humans pry and burn minerals and the occasional component from e-Waste to live on less than $100 USD a month. A man...


Is Cyber Protectionism on the Rise?

Cyber cold war is clearly heating up. Nation economies may start trending inward for IT and cyber support as fears about state-sponsored hacking are on the rise. High-profile technology vendors are...
