Blog

Teaching an old RAT new tricks

Attackers have been successfully deploying RATs for years to remotely control users' systems, giving them full access to the victim’s files or resources such as cameras, and letting them record keystrokes or download further malware. Traditionally RATs have been deployed when a user opens an email attachment, or downloads a file…

April 21, 2016

Joseph Landry

Reversing Petya – Latest Ransomware Variant

Continuing the theme of analyzing the different ransomware variants, this blog is dedicated to the analysis of Petya, which introduced a very interesting new technique that has made it very difficult to detect. This analysis resulted in the identification of a new behavior that we’ve since coded into our Dynamic Behavior…

April 11, 2016

Ehud Shamir

Turns Out Ransomware Variants Aren’t That Unique After All

Over the past 2 years or so the security community has been dealing with a swarm of ransomware, ranging from big, long-lasting campaigns like CryptoLocker and CryptoWall (now in its 4th generation) which are making multi-million dollar profits, to more recent ninjas such as Locky and SamSam. The general definition…

April 07, 2016

Alon Nafta

The Down-Low on Endpoint Protection TCO

In today’s fast-paced IT world, it’s rare to come across a solution or piece of infrastructure whose total cost of ownership can be easily scoped out and calculated without breaking too much of a sweat. Such is largely the case with endpoint protection strategies. After all, we’ve come a long…

April 06, 2016

Mike Huber

Ransomware by the Numbers

Everyone in the security industry is talking about it. Everyone who has been a victim of it is talking about it. Law enforcement is talking about it. You guessed it - ransomware. Three years strong of profitable attacks and still very much alive and well. Just when you think it’s a…

March 29, 2016

Sarah Vanier

Apple OS X Zero Day Vulnerability Can Bypass System Integrity Protection

Our researchers recently uncovered a major flaw which allows for local privilege escalation and bypass of System Integrity Protection, Apple’s newest protection feature. It was reported to Apple and patches will be available soon. This zero day vulnerability is present in all versions of Apple’s OS X operating system. SentinelOne’s…

March 24, 2016

SentinelOne

RSA 2016: Cyber Defense Magazine Gives SentinelOne Coveted Editor’s Choice Award for Second Consecutive Year

The RSA Conference each year highlights security innovation and the challenges organizations face in fighting off attackers, exploits and malware. This year, we begin the conference with news that SentinelOne EPP has received the Editor’s Choice Award from Cyber Defense Magazine for Best Endpoint Security Suite. This is the latest…

February 29, 2016

Mike Huber

CyberEdge Survey Concludes Significant Revolution Emerging in Endpoint Security By Scott Gainey

CyberEdge has just concluded their 3rd annual Cyberthreat Defense Report that provides a 360 degree view of organizations’ security threats, response plans, processes, and future investment strategies. This extensive report, which was sponsored by SentinelOne, is the result of surveying over 1,000 security decision makers and practitioners across 10 countries…

February 22, 2016

SentinelOne

SentinelOne Discovers a New Delivery Tactic for BlackEnergy 3

We’ve recently detected a new distribution mechanism for BlackEnergy 3 that’s actively in use today affecting SCADA systems across Europe. BlackEnergy of course has been in existence since 2007, and has evolved significantly into a complete rootkit that can perform data exfiltration and network sniffing, among other tasks. In the…

January 27, 2016

Ehud Shamir

XRTN: More batch script-based Ransomware

A few weeks ago reports emerged about victims being attacked by a new ransomware variant called XRTN. What’s interesting in this case is that XRTN uses a “pure” batch script as the actual payload that is responsible for filesystem encryption, presumably to bypass anti-virus (AV) solutions. Until now, binary files…

January 26, 2016

Alon Nafta
