Blog

Lateral Movement of Emotet

Acalvio Threat Research Labs. Introduction Emotet is one of many information stealer malware families which have been active in the recent months. The initial delivery vector of the malware is via phishing campaign. The blog by TrendMicro[1] and Microsoft[2] discusses...

read more

Three Minutes Until the Apocalypse

This blog covers three main topics: Three Key Questions Needing Answers Within Three Minutes When You Suspect a Breach Using Deception and Endpoint Logs to Backtrack Command and Control Improving SOC Triage Workflow with Prevention Failure Detection An adversary has...

read more

Spreading Technique used by Retadup Worm.

Acalvio Threat Research Lab Retadup worm has been in the news recently. It was first observered infecting Israeli Hospitals [1] and recently it was observered active in South America mining for Crypto Currency[2]. The details of the worm have been published by Trend...

read more

Can We Automate Threat Hunting?

Threat hunting has been primarily a playground for security experts to surface unknown threats. It is a proactive security approach where the hunt starts with a hypothesis about a hidden threat that may be already in the enterprise network. According to 2017 survey on...

read more

Deception Centric Defense Against Ransomware

Team Acalvio It is estimated that in 2017, damages due to the ransomware will exceed $5 billion.[8]  When successful, ransomware can not only infect the endpoint, it can also spread across the network extending its exploit. The initial versions of ransomware like...

read more