Threat Advisors

Threat Advisor: Blocking CryptoLocker with Advanced Threat Protection

Blocking CryptoLocker with Advanced Threat Protection

This Threat Advisor will examine how CryptoLocker adds a couple of new twists to familiar advanced-attack techniques used in ransomware to devastating effect for those who are unprepared. We’ll show you the keys to detecting and preventing Cryptolocker (and other advanced attacks) from executing. First and foremost is the use of policies that prevent CryptoLocker from executing on any endpoint, anywhere.

Threat Advisor: Don't Get Burned By Flame

Don’t Get Burned by Flame

What is Flame? Flame is the latest high profile cyber attack making the news. It has so far been detected in Middle East countries. Flame is more than simply a virus or worm – it is basically a cyber espionage toolkit, containing the most comprehensive set of sleuthing technologies in a single piece of malware. It can monitor and steal data from a computer’s microphone, screen, keyboard, Bluetooth, WiFi and network, among its known capabilities. It can propagate via USB or directly over a network. It can use several different types of data encryption and compression to store and then exfiltrate data to a controllable set of command-and-control servers.

Threat Advisor: A Family Affair: Stopping Gauss

A Family Affair: Stopping Gauss

First Came Flame.  The past year has seen an increase in sophisticated attacks discovered in the Middle East targeted at specific corporations. We first saw this with the public announcement of Flame in May 2012, which was aimed at industrial or fixed systems; however Bit9’s first encounter with Flame occurred much earlier than that. In October 2011, when what became known as Flame was just seen as an unknown file, the Bit9 Trust-based Security Platform blocked and prevented it frocomrpm executing.

Threat Advisor: Securing Endpoints for PCI DSS Compliance

Securing Endpoints for PCI DSS Compliance

Economic Espionage and Your Company’s Future
The theft of corporate intellectual property (IP) has received a lot of recent media attention. Some of the biggest headlines include a Wall Street Journal article on cyber threats written by the President,1 and statements from the director of the National Security Agency (NSA) that cyber espionage will produce the “greatest transfer of wealth in history.”2 The publicity is warranted: Cyber security breaches go largely undetected, and the economic impact of stolen trade secrets, source code, drug and chemical formulas, and product designs has become increasingly serious.

Threat Advisors: Protecting Your Domain Controllers

Protecting Your Domain Controllers

Domain Controllers: The Target of Choice.  Bit9 has seen a 150 percent year-over-year increase in the number of attacks on domain controllers. Attackers, largely nation states and cyber criminals, are after corporate intellectual property (IP)—everything from chemical formulas and vaccines to military data and source code—all valuable competitive information. Rather than attacking directly the servers that house such information, advanced persistent attackers are targeting domain controllers so as to gain access to all information repositories and systems within the company.

Threat Advisor: Securing Protected Health Information

Securing Protected Health Information

Protected Health Information is at Risk.  As the adoption and exchange of the Electronic Medical Record (EMR) escalates, so too have the regulations and challenges related to securing electronic Protected Health Information (ePHI). The potential access to ePHI has given rise to more advanced attacks by financially motivated cyber criminals. In fact, between September of 2009 and February of 2012, nearly 20 million Americans had the privacy of their ePHI breached.1

Bit9 + Carbon Black