Trellix

It's time to level up your threat-hunting game! Join John Fokker, Head of Threat Intelligence, and Brent King, Senior Solutions Engineer, for our GenAI Powered Threat Hunting Solution Webinar to discover how GenAI-powered tools are transforming the way we hunt, track, and eradicate threats. Don’t miss out — register now: https://bit.ly/40Zbavg

Head of Threat Intelligence John Fokker says that when it comes to today’s cyber threat landscape, “We aren’t in Kansas anymore.” ??? Based on data from The CyberThreat Report: November 2024, today’s security measures must be proactive across every sector and geography to keep up. ?? Intelligence-driven insights are mission-critical — read through John‘s perspective here. https://bit.ly/4eO8JyG

?? Many #GenAI tools like Microsoft Copilot are just chatbots that require more work from analysts, not less. Trellix Wise is different. It leverages decades of threat intelligence and machine learning to make real decisions, empowering Level 1 analysts to become 5x more effective. Hear from Trellix CTO, Cloud and AI Martin Holste and Global Senior Director, Solution Marketing Brian Brown - CISM, CDPSE, SABSA SCF during our upcoming webinar: Work Smarter, Not Harder: Trellix Wise vs. Microsoft Copilot. Save your seat. https://bit.ly/40Tnxso

Stop multi-stage attacks in their tracks. ?? Join us on Tuesday, November 26, at 9:00 AM ET for our latest Tech Talk on Multi-Stage Detections Using Helix Connect. With Adithya Chandra, learn how to stop multi-stage attacks by identifying suspicious behaviors across the entire kill chain and more. https://bit.ly/4eKk9n7

The QKS Group provides competitive analysis and ranking of the top Network Detection and Response vendors, and #TeamTrellix emerged as a clear Leader in the 2024 SPARK Matrix?. ?? With our comprehensive technology and customer experience management, we achieved exceptional ratings across the parameters of technology excellence and customer impact. Learn more about the achievement and our advanced #NDR approach. https://bit.ly/3OlY8QW

After attending our #ResponsibleSecurity webinar, 100% of respondents said increasing cyber resilience is a top objective this coming year. Set your goals for a resilient future by watching our on-demand panel featuring tech experts. ?? https://bit.ly/3XI52FG

Recent law enforcement action proves the effectiveness in halting Phobos' operation, even though we continue to observe other cybercriminals trying to profit from the Phobos legacy. A crucial question remains: how did Phobos stay under the radar for so long? ?? John Fokker, Jambul Tologonov and Pham D. from our Advanced Research Center underscore how this #ransomware operation achieved a low-profile approach. https://bit.ly/3V3ZmUC

These threats may be wicked, but we provide detailed analysis to keep you informed. Dive into this week’s top cybersecurity threats. ????????? https://bit.ly/46JIoxB 1?? Threat Profile: Sandworm Team Threat level: High ??? The Sandworm Team is a highly sophisticated cyber-espionage and cyber-warfare group believed to be associated with the Russian military intelligence agency GRU (Main Intelligence Directorate). 2?? APT41 Unleashes DeepData Framework To Compromise South Asian Entities Threat level: Medium ??? ?This campaign now includes ""DeepData,"" a modular Windows-based surveillance framework with 12 plugins enabling advanced data theft, cross-platform surveillance. 3?? Espionage And Wiper Malware Campaign Attributed To Hamas-linked Threat Group WIRTE Threat level: Medium ??? The WIRTE threat actor, linked to Hamas's Gaza Cybergang, has intensified attacks on Israel using a malware called SameCoin wiper. 4?? Threat Profile: XWorm Threat level: Medium ??? XWorm is a .NET binary that appeared in the wild around 2022. Upon execution, the malware performs various checks, such as checking for a mutex and detecting virtual machines, emulators, debuggers, sandbox environments, and Anyrun. 5?? BabbleLoader Uses Multiple Defensive Mechanisms To Evade Detection Threat level: Medium ??? BabbleLoader is a sophisticated malware loader with advanced evasion techniques that bypass traditional and AI-based detection systems. 6?? Threat Profile: AsyncRAT Threat level: Medium ??? AsyncRAT is an open-source Remote Access Trojan (RAT) written in C# that has been used by cybercriminals to steal sensitive information from users. 7?? Deep Dive Into Earth Estries' Cyber Operations Threat level: Low ?? Earth Estries, a suspected China-linked cyber-espionage group active since 2020, exploits vulnerabilities in Microsoft Exchange servers and network adapter management tools. 8?? LodaRAT Updated With New Stealer Capabilities Threat level: Low ??? Rapid7 has detected an ongoing malware campaign featuring an updated version of LodaRAT, initially observed in 2016. This Windows version can now steal cookies and passwords from Microsoft Edge and Brave. 9?? UAC-0194 Exploits Windows Zero-Day Vulnerability To Drop RATs (CVE-2024-43451) Threat level: Low ??? CVE-2024-43451, a zero-day vulnerability affecting Windows systems, was discovered by ClearSky Cyber Security in June 2024 and is exploited in attacks on Ukrainian entities. ?? Helldown Ransomware Group Enters The Ransomware Space Threat level: Low ??? The Helldown ransomware group emerged in Q3 of 2024, targeting various sectors indiscriminately, including museums, transport companies, and Zyxel, a network equipment manufacturer.

While increased focus on #cybersecurity at the board level elevates the CISO to a critical strategic leadership position, the added visibility comes with heightened demands for frequent, detailed reporting. Explore our eBook to learn why these expectations are unrealistic for time-constrained CISOs, distracting them from core technical responsibilities. https://bit.ly/4dPLuUi

Introducing ... the Trellix Wise for #DLP Design Partner Program (DPP). ?? Recognizing input from users and technology stakeholders is key — we launched this initiative to give customers the opportunity to collaborate with our product development and user experience teams as we create AI-enabled features for data loss prevention solutions. Learn how the DPP will shape the future of AI capabilities and see how you could be among the first program participants in the blog from Director of Product Marketing, Trellix Data Security Laurie Robb. https://bit.ly/3ALgO9x