
Forcepoint Security Labs have recently observed a malicious email campaign delivering what appears to be a new variant of the Geodo/Emotet banking malware, predominantly to .UK TLDs across a range of sectors, including addresses at major businesses and government departments.

Several prior campaigns have been recorded with researchers noting a progressive evolution in the methods employed by the actors behind the malware: earlier versions were reported delivering the malware as an... Read More

IDC Business Value Snapshot: The Business Value In Switching to Forcepoint NGFW

Many technology organizations make bold claims about ROI, but more often than not, there isn’t any data to back up those claims. We are happy to break the mold. Our Next Generation Firewall (NGFW) is designed to deliver high efficiency, availability and security for distributed organizations. And, here are the numbers to prove it.

IDC Research, one of the leading research... Read More

In a recent blog we talked about how the current ransomware pandemic continues to attract would-be cybercriminals to ransomware-as-a-service (RaaS) platforms. In this post we will look into a new piece of ransomware called "CradleCore" - a crimeware kit that is currently being offered to cybercriminals looking to own customisable ransomware source code.

CradleCore, a.k.a. "Cradle Ransomware", is peculiar in the sense that it is being sold as source code. Typically, ransomware is... Read More

In the past year, the Healthcare sector was one of the biggest industries hit by ransomware attacks. Being inclined to pay ransoms to recover patient data, the Healthcare sector became low-hanging fruit for seasoned ransomware operators looking to maximize profit, such as those behind the Locky ransomware. However, it appears that amateur cybercriminals have also started to shift towards this trend in the form of an off-the-shelf ransomware aimed at a healthcare organization in... Read More

One of the things that makes Forcepoint different from other Next Generation Firewall (NGFW) vendors is the way we extensively use the cloud with our network security products to connect and protect our customers in innovative ways. Today, we’re taking it even further, announcing our new Forcepoint Advanced Malware Detection (AMD) cloud service alongside the new NGFW 6.2 release of our unified software for firewalls and intrusion prevention systems (IPS). They’re both extremely easy to roll... Read More

For the past several weeks, Forcepoint Security Labs have been tracking a seemingly low-profile piece of malware which piqued our interest for a number of reasons: few samples appear to be available in the wild; there is no previous documentation referring to the C2 domains and IP addresses it uses (despite the domains appearing to be at least twelve months old); and, if its compilation timestamps are to be trusted, the campaign itself may have been active for at least six months before... Read More

Since January of this year, Forcepoint Security Labs™ have observed that the DragonOK campaign has started to target political parties in Cambodia. DragonOK is an active targeted attack that was first discovered in 2014. It is known to target organizations from Taiwan, Japan, Tibet and Russia with spear-phishing emails containing malicious attachments.

The latest dropper they used is disguised as an Adobe Reader installer and installs yet another new custom remote access... Read More

In early March 2017 we saw a surge in malware samples with similar behaviours and low detection rates, often triggering only generic and/or heuristic antivirus signatures. Examining these revealed them to be samples of the venerable njRAT Trojan (also known as Bladabindi) and, unsurprisingly, showed their post-infection behaviour and capabilities to align with known njRAT patterns (keylogging, screen-capturing, etc.).

Two samples were examined in particular: both of these downloaded a... Read More

The Growing Cultural Impact of Millennials in the Federal Workforce 

by Michael Crouse, Sr. Director Business Solutions, Data & Insider Threat Security Business

How can federal agencies allow millennial workers access to their devices and social media, but also ensure that they have the security in place so that millennials can’t abuse these services?

Today, many federal agencies are simply not prepared for the ongoing influx of millennials into their... Read More

Since late last year, multiple warnings have been issued to the public regarding tax-related fraud campaigns. Last month, a warning was issued to Northwich residents in the UK regarding an HM Revenue & Customs (HMRC) phishing scam, while the Internal Revenue Service (IRS) issued a similar warning to US taxpayers.

Forcepoint Security Labs™ have observed a similar trend in our telemetry. Small to medium-sized tax-themed email campaigns have constantly appeared since the start of... Read More