Anomaly detection vs Ransomware

A big part of what we do at CyberSift is anomaly detection. The recent WannaCry attack highlighted the growing threat of ransomware in the security landscape. The WannaCry authors may have made amateur mistakes, and there may be more stealthy and profitable attacks than WannaCry, but the negative impact it has had on Windows users …

Threat hunting using DNS indicators

DNS is a great source of information for security analysts. If you’re not already monitoring DNS activity in your network, you should start ASAP, for the reasons we’ll explore in this article. DNS is one of the major workhorses that power the Internet. Everything uses DNS — browsers, apps, updates… and malware. Almost every piece of malware needs to “phone …