Contact Us

1 (800) 723-1166 |

All Blogs


Forcepoint Security Labs™ recently encountered a strain of attacks that appear to target Pakistani nationals. We named the attack "BITTER" based on the network communication header used by the latest variant of remote access tool (RAT) used:

Our investigation indicates that the campaign has existed since at least November 2013 but has remained active until today. This post intends to share the results of our research.

Infection Vector

Spear-phishing... Read More

We’re only weeks away from revealing all the NEW security challenges we’re watching for in 2017. In anticipation, we examined last year’s predictions to see how accurately we judged security trends for 2016 and grade ourselves on the results.

Want to know what the next wave of Ransomware will look like? Or the impact AI may have on your organization’s data security? Forcepoint’s 2017 Security Predictions goes live November 14. Register now for your region’s webcast and find out what... Read More

Modern firewalls are no longer just networking devices. While newer cyber security safeguards sometimes get the fancy headlines, truly innovative firewalls are providing new levels of protection every day on the frontlines. Case in point: defending against Advanced Evasion Techniques (AETs, not to be confused with APTs, Advanced Persistent Threats).   Not all firewalls take the same approach.

Today’s attackers are increasingly using AETs to probe and sneak through traditional... Read More

Last month, Yahoo announced that hackers had stolen personal information linked to at least 500 million user accounts. The compromised information included login names, hashed passwords, email addresses, phone numbers and birth dates, along with secret security questions and answers. The breach originally occurred sometime in 2014, but the company did not disclose until the September 2016 announcement. Given that Verizon is currently in the process of acquiring Yahoo for $4.83... Read More

To continue our series on National Cyber Security Awareness Month, we turn our attention this week to a troublesome trend which has emerged as the “It” threat of the moment: ransomware.

Once considered as an attack technique primarily targeting consumers, ransomware adversaries are now aggressively going after government agencies and commercial companies. With the surge in activity, the FBI expects ransomware extortion losses to total $1 billion this year.

As the author of a... Read More

Visit Forcepoint at the Air Traffic Control Association (ATCA) Annual Conference – 16-19 October 2016, Gaylord National Resort & Convention Center, National Harbor, MD.

 We’re in the Raytheon booth 413

By Stacey Winn

... Read More

We at Forcepoint are as eager as any for the upcoming season 7 premiere of The Walking Dead this October. What’s not to like about watching everyday heroes battle the zombie “walkers” among us?

In fact, with National Cyber Security Awareness Month also taking place this month, I often view the ever-evolving phenomenon of the insider threat much like AMC’s zombie universe. It’s not easy to tell who will become a walker and when. So it’s best to assume that anyone and... Read More

By Dan Velez, Senior Manager of Insider Threat Operations

Standing at the podium at a security leaders meeting, I saw his hand shoot up. “The Wells Fargo story – would your SureView Insider Threat have detected that problem?” The question makes me chuckle. I hear questions like this a lot at these events.

According to news reports, as far back as 2011 Wells Fargo employees purportedly fabricated millions of accounts in order to fraudulently achieve steep sales goals.  While... Read More

FREEMAN is a uniquely positioned security research project conducted by Forcepoint Security Labs™. It identifies unknown risks and threats that accompany a specific piece of abandonware commonly used by the security research community. We have released our research in the form of a whitepaper. A download link is provided below.

“What started out as a simple ‘what-if?’ activity, quite literally set-up from the back rows of a talk at Blackhat Europe in 2015, soon turned into a long-... Read More

By Dan Velez, Senior Manager of Insider Threat Operations

Recently I saw a story about Alibaba firing some of its employees after they “hacked into the internal sales system” to order more than their fair share of some highly-prized mooncakes made available only to employees.

It would appear an internal user threat monitoring program exists within Alibaba because one of the employees was allegedly asked to leave a scant two hours after the fraudulent activity was discovered.... Read More