Cyentia Cybersecurity Research Library

APT

Below you will find reports with the tag of “APT”

The Rise Of Machine Learning In Cybersecurity

The purpose of this white paper is to help users understand how CrowdStrike® uses ML to protect endpoints. To get there, we must first clarify what ML is and how it works. Then we will describe how CrowdStrike implements ML, specifically in the area of malware detection. Finally, we will discuss the benefits and limitations of applying ML in cybersecurity. In the end, the reader will get a better understanding of ML and how — when used correctly — it can help defend against cyber threats.

Added: January 1, 2019

Indicators of Attack Versus Indicators of Compromise

Based on extensive use of CrowdStrike’s next-generation endpoint protection platform to detect and prevent sophisticated attacks against large organizations, CrowdStrike’s in-house team of security experts, adversary hunters, intelligence analysts and incident responders have pooled their knowledge to produce this valuable guidebook and checklist for proactively enhancing your corporate information security procedures while avoiding common mistakes and pitfalls.

Added: January 1, 2019

5 Reasons Endpoint Security Must Move To The Cloud

This brief whitepaper offers some thoughts on why endpoint security should move to the cloud.

Added: January 1, 2019

Cyber Attack Survival Checklist

This report offers a checklist for surviving a cyber attack.

Added: January 1, 2019

Replace AV Buyers Guide

Carbon Black adapts key sections from the SANS Buyer’s Guide for Endpoint Security and provides assistance for helping you assess your options.

Added: January 1, 2019

Automate The Hunt

This paper provides insight into the tools an IT security pro needs to rapidly hunt, find and investigate dynamic threat indicators.

Added: December 29, 2018

The Challenge Of Building The Right Security Automation Architecture

Security automation architecture can improve organizations’ security posture by augmenting or replacing human intervention in the identification and containment of cyber exploits or breaches through the use of such technologies as artificial intelligence, machine learning, analytics and orchestration. Sponsored by Juniper, the purpose of this research is to understand the challenges companies face when deciding how, when and where to implement the right automation capabilities in order to improve productivity, reduce costs, scale to support cloud deployments and ultimately strengthen the security posture of the business. Ponemon Institute surveyed 1,859 IT and IT security practitioners in Germany, France, the United Kingdom and the United States. All participants in this research are in organizations that presently deploy or plan to deploy security automation tools or applications, are familiar with their organizations’ use of security automation, and have some responsibility for evaluating and/or selecting security automation technologies and vendors.

Added: December 14, 2018

KRACK Attack: WPA2 Wi-Fi Vulnerability

This report takes a look at the “Key Reinstallation Attack” vulnerability that works against all modern protected Wi-Fi networks.

Added: December 5, 2018

2018 Threat Intelligence Report

“Threat intelligence has become a significant weapon in the fight against cybersecurity threats, and a large majority of organizations have made it a key part of their security programs. Among the key findings of the report are that organizations are leveraging threat intelligence data for a number of use cases, and many rate themselves fairly competent in their use of threat intelligence to identify and remediate cyber threats. The most common benefits of threat intelligence platforms include better threat analysis, faster detection and response, more efficient security operations, and better visibility into threats.”

Added: November 29, 2018

Cyber Threat Landscape: The Healthcare Industry

“Organizations in the healthcare industry have been in the news a number of times in recent years as a result of significant cyber attacks. In 2017, WannaCry made global headlines as its impact to the UK’s National Health Service (NHS) became known. Other attacks have seen health records stolen or ransoms paid to keep critical systems online at hospitals. Understanding the nature of the threats to the healthcare industry helps define effective ways to counter these threats and help to prevent them from making future headlines.”

Added: November 29, 2018

Threat Landscape: Republic of South Africa (RSA)

This report offers a view of the Republic of South Africa and takes a look at the threat landscape of that nation.

Added: November 29, 2018

The Clock Is Ticking On Supply Chain Cybersecurity

More than 40 executive-level representatives from primes to Tier 2 and consultants participated in an October 24th Roundtable on these topics. The roundtable was conducted under Chatham House Rules. Accordingly, this paper summarizes the discussion, with no identification of attendees.

Added: November 24, 2018

Law Firm Cyber Security Scorecard Q4 2017

Data breach has become an existential risk to every law firm throughout the world regardless of the number of attorneys, revenues or practice areas. The Law Firm Cyber Security Scorecard is compiled by LOGICFORCE and published bi-annually to educate the legal industry on the current state of Cyber Security preparedness. This second edition also seeks to clearly define de facto cyber security standards for law firms so they can easily determine where their organizations rate in comparison.

Added: November 23, 2018

The State Of Threat Detection Report 2018

Between April and July 2018, Fidelis conducted a study of 582 security professionals to evaluate the adoption of threat hunting practices and overall security posture strengths and weaknesses.

Added: November 21, 2018

Understanding The Pending U.S. Data Breach Prevention and Compensation Act of 2018

This special report provides information related to the harbinger of a U.S. national data protection law.

Added: November 20, 2018

APT Targets Financial Analysts with CVE-2017-0199

On April 20, Proofpoint observed a targeted campaign focused on financial analysts working at top global financial firms operating in Russia and neighboring countries. These analysts were linked by their coverage of the telecommunications industry, making this targeting very similar to, and likely a continuation of, activity described in our “In Pursuit of Optical Fibers and Troop Intel” blog. This time, however, attackers opportunistically used spearphishing emails with a Microsoft Word attachment exploiting the recently patched CVE-2017-0199 to deploy the ZeroT Trojan, which in turn downloaded the PlugX Remote Access Trojan (RAT). Proofpoint is tracking this attacker, believed to operate out of China, as TA459. The actor typically targets Central Asian countries, Russia, Belarus, Mongolia, and others. TA459 possesses a diverse malware arsenal including PlugX, NetTraveler, and ZeroT. [1][2][3] In this blog, we also document other 2017 activity so far by this attack group, including their distribution of ZeroT malware and secondary payloads PCrat/Gh0st.

Added: November 15, 2018

ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware, including 11 new, unreported applications. We also discovered and analyzed live, misconfigured malicious command and control servers (C2), from which we were able to identify how the attacker gets new, infected apps to secretly install and the types of activities they are monitoring. In addition, we uncovered the IMEIs of the targeted individuals (IMEIs will not be shared publicly for the privacy and safety of the victims) as well as the types of exfiltrated content.

Added: November 15, 2018

BlackOasis APT and new targeted attacks leveraging zeroday exploit

This post discusses the following event: “On October 10, 2017, Kaspersky Lab’s advanced exploit prevention systems identified a new Adobe Flash zero day exploit used in the wild against our customers.”

Added: November 15, 2018

APT29 Domain Fronting With TOR

This blog post takes a look at APT29 Domain Fronting with Tor.

Added: November 15, 2018

A Large Scale Cyber Espionage APT in Asia

The investigation of a massive cyber espionage APT (Advanced Persistent Threat) became a game of one-upmanship between attackers and defenders. Dubbed Operation Cobalt Kitty, the APT targeted a global corporation based in Asia with the goal of stealing proprietary business information. The threat actor targeted the company’s top-level management by using sophisticated spear-phishing attacks as the initial penetration vector, ultimately compromising the computers of vice presidents, senior directors and other key personnel in the operational departments. During Operation Cobalt Kitty, the attackers compromised more than 40 PCs and servers, including the domain controller, file servers, Web application server and database server.

Added: November 15, 2018

Dissecting the APT28 Mac OS X Payload

This report analyzes the Mac-specific malware from APT28 named Trojan.MAC.APT28.

Added: November 12, 2018
© Cyentia Institute 2025
Library updated: June 24, 2025 04:08 UTC (build b1d7be4)