APTs, Malware & Vulns

Behavioral Anomaly Detection (BAD) identifies threats without relying on static IoCs, enabling detection of Living Off the Land (LOTL) tactics....

The recent "dark_nexus" IoT botnet attack is merely the latest in a growing trend. But what exactly are botnets --...

Section 52 reverse-engineers the DanBot malware to analyze the commands used in its DNS tunneling and HTTP communication; its directory...

Section 52 reverse-engineers Windows kernel code to explain the DejaBlue vulnerability.

Section 52, CyberX’s threat intelligence team, has uncovered an ongoing industrial cyberespionage campaign targeting hundreds of manufacturing and other industrial...

DejaBlue has come and not gone…old, outdated “zombie” Windows systems are still prevalent in 62% of OT networks.  These systems...

  The Stuxnet campaign used a Dutch mole posing as a mechanic to penetrate the air-gapped facility and collect configuration...

The recent DoS incident affecting power grid control systems in Utah, Wyoming and California was interesting for several reasons. First,...

In the wake of the Norsk Hydro IoT industrial security ransomware incident, insights from David Atch, vice president of research,...

News of the ransomware attack on Norsk Hydro broke on March 19th and thanks to the admirable transparency shown by Norsk...

The CyberWire Daily podcast - posted on March 20, 2019.

Welcome to issue #9 of the CyberX-Files! In CyberX news, we were awarded a patent for our innovative IIoT- and...

Welcome to issue #8 of the CyberX-Files! In CyberX news, we recently launched an all-new website with detailed information about our...

In this CyberWire podcast from October 9, CyberX VP of Industrial Cybersecurity Phil Neray discusses the topic of the US...

In this CyberWire podcast from August 16, CyberX VP of Industrial Cybersecurity Phil Neray discusses the recent announcement by U.S....