Contact Us

1 (800) 723-1166 |

All Blogs

Sometimes old threats continue to remain relevant for a long period of time. The longevity of the x86 CPU architecture means that rootkits leveraging its features to achieve stealth on compromised systems may have a long shelf life and enable attackers to evade detection over an extended period. In this article, we look at “Subversive” (, a Linux rootkit that uses x86 debug registers to hook the operating system kernel. Despite the last change in... Read More

On the last full day of RSA, Forcepoint CEO Matt Moynahan delivered a keynote on the importance of breaking from a focus on endpoints and walls to the critical human point of interaction between people, content and data.

Matt emphasized that though the cybersecurity industry has invested billions in technology, little progress has been made in recognizing and preventing cyber breaches.  Critical business data is now everywhere and the notion of boundaries and walls are increasingly... Read More

Panel moderator Dr. Richard Ford with panelists Nate Cardozo, Matt Heine, and Matt Bishop

Wednesday at RSA, Forcepoint CTO Dr. Richard Ford moderated the panel ‘Could US Anti-Hacking Laws Handicap Cybersecurity?’ Panelists included Senior Staff Attorney at the Electronic Frontier Foundation Nate Cardozo; Matt Bishop, professor with the department of computer science at the University of California, Davis; and Raytheon Principal Software Engineer and Deep Red team member Matt Heine.... Read More

As we begin the second full day at this year’s RSA conference, a look back at day one.

We spoke with Forcepoint’s Jim Fulton, senior director of product marketing and Dan Valez, director of insider threat operations to find out what’s on the minds of visitors to the Forcepoint booth.

Jim Fulton:

“Attendees are looking for something that breaks out of the norm. They’re not interested in scare tactics. In our case, they’re really connecting with our message of... Read More

Forcepoint Security Labs™ came across a malicious reconnaissance campaign that targets websites. It is unknown what is the intent behind the campaign as of this writing, however, the profile of the targets resembles those that are common targets of Advanced Persistent Threat (APT) actors. As the attack is currently active, it effectively turns compromised sites into attack surfaces against their visitors.

Furthermore, the injections resemble those used by the Turla group, such as... Read More

Forcepoint Security Labs™ recently investigated a trojanized RTF document which we tied to the Carbank criminal gang. The document contains an encoded Visual Basic Script (VBScript) typical of previous Carbanak malware. Recent samples of the malware have now included the ability to use Google services for command-and-control (C&C) communication. We have notified Google of the abuse and are working with them to share additional information.

Carbanak (also known as Anunak) are a... Read More


by Nicholas Griffin and Roland Dela Paz

In October 2016 Forcepoint Security Labs™ discovered new versions of the MM Core backdoor being used in targeted attacks. Also known as “BaneChant”, MM Core is a file-less APT which is executed in memory by a downloader component. It was first reported in 2013 under the version number “2.0-LNK” where it used the tag “BaneChant” in its command-and-control (C2) network request. A second version “2.1-LNK” with the network tag “... Read More

By Dan Velez, Director, Insider Threat Operations

This is the season for New Year’s resolutions. Of course, we all realize that some of these “promises” are easier to keep than others. But if experience has taught us anything, it’s that we meet with more success here when our goals are tangibly beneficial and realistically achievable: We know what positive outcomes we’ll derive. And getting there won’t overwhelm us to the point where we quit.

We should take the same approach... Read More

The holidays are the perfect time to reflect on this year’s experiences, successes and resolutions for the impending New Year. While self-analysis can sometimes be a grey area, how employees treat data is much more black and white. If there’s anything 2016 has taught us, it’s that treatment of important data is just as important as the security tools organizations have in place. This is backed up by data of course, most recently with a Forrester Research study that saw a staggering... Read More

Forcepoint Named Best Network Security/Enterprise Firewall Winner in 8th Annual Government Security News Homeland Security Awards

Everyday federal agencies must counter and prevent a range of cyber threats designed to disrupt the most sensitive systems, data and applications on which they and our country’s critical missions depend. Forcepoint’s Stonesoft® Next Generation Firewall (NGFW) was designed to deliver the networking, scalability and security needed for our federal agencies... Read More