Security

OSX.Pwnet.A – CS: GO Hack and Sneaky Miner

(Photo source: Pony Strike: Global Offense by FilipinoNinja95)

We recently found a hack for Counter-Strike: Global Offensive on macOS that is also a trojan that could mine cryptocurrencies without user consent. According to VirusTotal Retrohunt, the threat has been in the wild since the beginning of July 2017. Warning: At the time of this writing, all […]

Securing Virtual Desktop Infrastructure (VDI)

The SentinelOne agent is an efficient solution to secure the growing demand for agent virtualization, including thin clients, layered apps, and other VDI scenarios. It does not require updates and is not dependent on signatures or other legacy antivirus features. The SentinelOne offering for VDI includes all protection engines and functionality, the same as we […]

Dissecting NotPetya: So you thought it was ransomware

By Caleb Fenton, Joseph Landry, Nir Izraeli, Itai Liba, and Udi Shamir, Senior Security Researchers, SentinelOne Labs

NotPetya was in the news this week, making headlines for being yet another ransomware attack that spread like fire – affecting organizations in several verticals across 65+ countries, drawing comparisons with the WannaCry attack that recently hit over […]

Petya/NotPetya ransomware: What you need to know

Our SentinelOne research team is actively monitoring the Petya/NotPetya ransomware outbreak and we will update this blog post as more technical information about this attack is discovered. SentinelOne is proactively protecting customers against this latest strain. All SentinelOne customers using SentinelOne Enterprise Protection Platform are proactively protected against this outbreak.* Customers should also ensure that […]

Are we done with WannaCry?

Several customers and industry analysts frequently ask us (and other vendors) about independent validation of our capabilities. We wanted to share information about a recent test conducted by MRG-Effitas to validate the effectiveness of various traditional and next-generation endpoint security suites against the EternalBlue and Doublepulsar exploits/backdoor. These threats were unearthed by “The Shadow Brokers” […]

Armory Sandbox – Building a USB analyzer with USB armory

Some time ago a friend received a mysterious USB pen with a note talking about some kind of heavily persistent malware. He had that USB pen stored untouched and of course my curiosity took over. Since one should never plug unknown USB devices into a computer (well, any USB device we purchase is unknown […]

“Zusy” PowerPoint Malware Spreads Without Needing Macros

By Caleb Fenton and Itai Liba, Senior Security Researchers, SentinelOne Labs

A new variant of a malware called “Zusy” has been found in the wild spreading as a PowerPoint file attached to spam emails with titles like “Purchase Order #130527” and “Confirmation”. It’s interesting because it doesn’t require the user to enable macros to execute. […]

Introducing: SentinelOne Enterprise Risk Index

SentinelOne’s new Enterprise Risk Index (ERI) provides new evidence of the proportion of attacks that simply cannot be stopped by traditional, static, file inspection security solutions. It’s further proof that attack methods have rendered AV redundant. The ERI is intended as a resource on the commonly encountered threat vectors seen in production environments, as well […]

I’m Getting Hacked Where? Your Data Breach Response Checklist

Jeremiah Grossman, our Chief of Security and Strategy here at SentinelOne, has a great piece of advice to increase your security immediately. Know What You’re Protecting. Grossman says, “When a company gets hacked, it’s largely because there’s a computer, a box, a website that they didn’t know they owned.” For small businesses this may be […]
