Despite legacy investments in cybersecurity, businesses remain highly vulnerable to cyber threats. This
continues to happen in large part because infosec teams that were originally established to close the
gap between off-the-shelf technology and the actual zero-day threats are not sufficiently resourced or
properly structured to identify and quarantine unknown malicious content.
Fortunately, recent breakthroughs in cybersecurity technology now empower infosec staff at all skill
levels to successfully discover and neutralize these attacks by combining traditional threat hunting
approaches with technologies that deliver new advanced malware hunting capabilities.
On September 10, 2018, the ReversingLabs Research team, working with other cybersecurity experts from Cisco Talos, uncovered a new spam campaign. The attack is spreading the Adwind 3.0 remote access tool (RAT) targeting Windows, Linux and Mac OSX operating systems. Most of the targets in this campaign are in Turkey, according to data from Cisco's Umbrella cloud security platform. Further research revealed important details about the attack and the forged Microsoft Office documents that the attackers are using.
Malware continues to increase in sophistication and routinely evades organizations' cyber defenses. It lurks inside networks, often for months, executing or waiting to execute attacks that can cause significant damage. The industry has developed numerous technologies to bolster detection, but the situation persists. To successfully operationalize these capabilities, new enabling technology is needed.
A common complaint among threat intelligence analysts is the near impossibility of searching global threat intelligence feeds to find the specific threat and vulnerability information that matters to their organization. This complaint is just the tip of the iceberg. The larger, underlying problem facing security teams is the general lack of visibility and context across all internal files and objects that enter and then move about, stay resident, and/or leave their corporate environments.
This paper will discuss in detail a path to closing the visibility gap through a unique, new local threat intelligence infrastructure.
Security teams have a choice! ReversingLabs offers unequalled file intelligence with more total and more current data along with complete query/post privacy and enterprise-class support. ReversingLabs also offers an option VirusTotal cannot: a complete onsite malware analysis solution that combines the industry's authoritative file intelligence database with an on-premises malware analysis and threat hunting platform. If your security team is tired of struggling with the limitations of VirusTotal, it is time to take a look at ReversingLabs.