detection

New Approach for Command Line Anomaly Detection

Jan 27, 2022 by iHash Leave a Comment

Suspicious command lines differ from common ones in how the executable path looks and the unusual arguments passed to them Bidirectional Encoder Representations from Transformers (BERT) embeddings can successfully be used for feature extraction for command lines Outlier detectors on top of BERT embeddings can detect anomalous command lines without the need for data labeling Our … [Read more...] about New Approach for Command Line Anomaly Detection

Relevant and Extended Detection with SecureX, Part Three: Behaviour-Based Detections with Secure Network Analytics

Jan 21, 2022 by iHash Leave a Comment

In part one of this Relevant and Extended Detection with SecureX series, we introduced the notion of risk-based extended detection with Cisco SecureX – the idea that a user can prioritise detections into incidents based on their idea of what constitutes risk in their environments and then extend those detections with enrichments from other products. In subsequent posts we are … [Read more...] about Relevant and Extended Detection with SecureX, Part Three: Behaviour-Based Detections with Secure Network Analytics

Introducing Falcon Hardware Enhanced Exploit Detection

Dec 28, 2021 by iHash Leave a Comment

Falcon adds a new feature that uses Intel hardware capabilities to detect complex attack techniques that are notoriously hard to detect. CrowdStrike’s new Hardware Enhanced Exploit Detection feature delivers memory safety protections for a large number of customers on older PCs that lack modern in-built protections. Once activated, the new feature detects exploits by analyzing … [Read more...] about Introducing Falcon Hardware Enhanced Exploit Detection

New BLISTER Malware Using Code Signing Certificates to Evade Detection

Dec 24, 2021 by iHash Leave a Comment

Cybersecurity researchers have disclosed details of an evasive malware campaign that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with the goal of deploying Cobalt Strike and BitRAT payloads on compromised systems. The binary, a loader, has been dubbed "Blister" by researchers from Elastic Security, with the malware … [Read more...] about New BLISTER Malware Using Code Signing Certificates to Evade Detection

Relevant and Extended Detection with SecureX, Part Two: Endpoint Detections

Dec 15, 2021 by iHash Leave a Comment

In part one of this series we introduced the notion of risk-based extended detection with SecureX – the idea that a user can prioritise detections into incidents based on their idea of what constitutes risk in their environments and then extend those detections with enrichments from other products. In subsequent posts we are diving deeper into different Cisco Secure detection … [Read more...] about Relevant and Extended Detection with SecureX, Part Two: Endpoint Detections

Relevant and Extended Detection with SecureX

Dec 3, 2021 by iHash Leave a Comment

In a recent blog, Al Huger spoke about Cisco’s vision of Extended Detection and Response (XDR); specifically covering the breadth of definitions in the industry and clarifying Cisco’s definition of XDR: “A unified security incident detection and response platform that automatically collects and correlates data from multiple proprietary security components.” He also detailed the … [Read more...] about Relevant and Extended Detection with SecureX

How CrowdStrike Supercharges IR with Identity Threat Detection

Nov 21, 2021 by iHash Leave a Comment

CrowdStrike Incident Response teams leverage Falcon Identity Threat Detection (ITD) for Microsoft Active Directory (AD) and Azure AD account authentication visibility, credential hygiene and multifactor authentication implementation Falcon ITD is integrated into the CrowdStrike Falcon® platform and provides alerts, dashboards and custom templates to identify compromised … [Read more...] about How CrowdStrike Supercharges IR with Identity Threat Detection

Why the Detection Funnel Hits Diminishing Returns

Nov 13, 2021 by iHash Leave a Comment

Noisy alerts caused by an increased number of rules for detecting malicious behavior overburden security analysts. Alert fatigue happens when an overwhelming number of alerts desensitize the security team tasked with responding to them. CrowdStrike CrowdScore™ automatically prioritizes activity that is more unusual in part by noticing which alerts are noisy in each … [Read more...] about Why the Detection Funnel Hits Diminishing Returns

New Malware Targets Windows Subsystem for Linux to Evade Detection

Sep 17, 2021 by iHash Leave a Comment

A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft" marks the first instance where a threat actor has been found abusing WSL to install … [Read more...] about New Malware Targets Windows Subsystem for Linux to Evade Detection

This New Malware Family Using CLFS Log Files to Avoid Detection

Sep 3, 2021 by iHash Leave a Comment

Cybersecurity researchers have disclosed details about a new malware family that relies on the Common Log File System (CLFS) to hide a second-stage payload in registry transaction files in an attempt to evade detection mechanisms. FireEye's Mandiant Advanced Practices team, which made the discovery, dubbed the malware PRIVATELOG, and its installer, STASHLOG. Specifics about the … [Read more...] about This New Malware Family Using CLFS Log Files to Avoid Detection

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54