Malicious Office Documents: Going Old School with Symbolic Link Files
This article discusses Symbolic Link (SYLK) files and how the old method of data exchange is now being used to gain entry to organizations.
Indicators of compromise (IOCs) are the pieces of evidence collected from a host system (e.g. laptops, servers, mobile phones), applications (e.g. databases), cloud-based capabilities or network when suspicious or malicious activities have been identified.
zvelo’s curated cyber threat intelligence data delivers rich metadata for highly contextualized malicious and phishing Indicators of Compromise and threat signals which can be easily integrated into existing security tools and platforms (including SIEM, SOAR, EDR, MDR, XDR, etc.), for deeper analysis and enrichment by cyber defenders and threat analysts.
Common Indicators of Compromise (listed in order from the easiest to assess to the most difficult) include file hashes, IP addresses, domain names, network/host artifacts, tools, and tactics, techniques, and procedures (TTPs). zvelo details how its threat detection feeds map to each of these IOCs within the Pyramid of Pain — a model cyber defenders use for Incident Response (IR) and threat hunting.
Malicious Office Documents: What is Old is New Again
This is the first article of a three-part series where we examine phishing attacks that faded from popularity but are now resurging — in particular, malicious Office documents.
Malware Analysis: Protecting Your Network from Cyber Attacks
Malware Analysis uncovers hidden attackers actively exploiting your network, identifies latent infections and analyzes captured payloads.
Reduce Threat Risks with Brand Vulnerability Assessment
Reduce your cyber threat risk by leveraging a Brand Vulnerability Assessment to identify the vulnerabilities and weaknesses which leave your brand exposed to attacks.
zvelo’s Cyber Threat Intelligence Team Shares In-Depth Analysis of Emotet
Emotet: An In-Depth Document Analysis, is zvelo’s latest threat report intended to help defenders understand Emotet’s initial infection mechanisms so they may better protect their organizations.
Catching MCAs at the Intersection of Infrastructure and Influence
The intersection of infrastructure and influence creates linkages which may become discoverable and aid cyber defenders in catching MCAs.
zvelo’s Early Response to SolarWinds Attack Protects Massive Partner Network
zvelo’s Response to the SolarWinds Attack Protected its Clients and Partner Network of 600+ Million End Points and Users Across the Globe. Learn more.
Fight Ransomware with Defense in Depth
As Ransomware attacks continue to make headlines, organizations must evolve towards fighting Ransomware with a Defense in Depth strategy.
zvelo Releases Malicious Trends Report
zvelo releases its first Cyber Threat Intelligence Malicious Trends Report for insights into current threats and exploits on the ActiveWeb.
Deciphering Threat Signals: New Domain Registrations
Beyond the malicious and phishing activities of the ActiveWeb, lurks suspicious activity with new domain registrations in the ProActiveWeb.