
All Blogs

By Dan Velez, Director, Insider Threat Operations

This is the season for New Year’s resolutions. Of course, we all realize that some of these “promises” are easier to keep than others. But if experience has taught us anything, it’s that we meet with more success here when our goals are tangibly beneficial and realistically achievable: We know what positive outcomes we’ll derive. And getting there won’t overwhelm us to the point where we quit.

We should take the same approach... Read More

The holidays are the perfect time to reflect on this year’s experiences, successes and resolutions for the impending New Year. While self-analysis can sometimes be a grey area, how employees treat data is much more black and white. If there’s anything 2016 has taught us, it’s that treatment of important data is just as important as the security tools organizations have in place. This is backed up by data of course, most recently with a Forrester Research study that saw a staggering... Read More

Forcepoint Named Best Network Security/Enterprise Firewall Winner in 8th Annual Government Security News Homeland Security Awards

Every day, federal agencies must counter and prevent a range of cyber threats designed to disrupt the most sensitive systems, data and applications on which they and our country’s critical missions depend. Forcepoint’s Stonesoft® Next Generation Firewall (NGFW) was designed to deliver the networking, scalability and security needed for our federal agencies... Read More

Like us, cybercriminals enjoy the festive season, and that is sometimes reflected in their malicious activities. In 2011 we saw a Zeus banking trojan Panel - a user interface for herding Zeus-infected machines - with a Christmas-themed background. This time Forcepoint Security Labs™ has noticed that the CryptXXX gang have started to offer Christmas discounts to victims who intend to pay ransom.

Also known as UltraCrypter, CryptXXX is one of the active ransomware families currently in... Read More

First spotted in February 2016, the Locky crypto-ransomware has become a dangerous threat to both large organisations and residential users alike. In this blog we give a brief overview of what Locky is and cover the significant aspects of its infamous history.

What is Locky?

Locky is a crypto-ransomware which aims to infect machines, encrypt sensitive information, and hold the data to ransom by requesting a payment to get the files decrypted.

Locky actors aim to... Read More

On the first day of Christmas, our sales guy gave to me: A network-crushing phishing scam exploit.

On the second day of Christmas, the finance department gave to me: Two ransomware shutdowns, and another phishing scam exploit.

On the third day of Christmas, the CEO gave to me: Three botnets spamming, two more ransomware shutdowns and yet another phishing scam exploit …

OK, you get the picture by now: If it’s the holidays, your cybersecurity team members may be asking... Read More

What is Sledgehammer?

Operation Sledgehammer translated into Turkish is Balyoz Harekâtı, which was the name of a 2003 attempted military coup d'etat in Turkey. It’s also the name of a recent Distributed Denial of Service (DDoS) attack that targeted organizations with political affiliations that the attacker deems out of line with Turkey’s current government. These organizations include the German Christian Democratic Party (CDU), The People’s Democratic Party of Turkey, the Armenian... Read More

The Horse Pill rootkit was presented at Black Hat 2016 by Michael Leibowitz, a security engineer and member of the Red Team at Intel. Horse Pill is a proof-of-concept Linux rootkit that demonstrates two interesting techniques: 1. infecting systems via the initial ramdisk, and 2. deceiving system owners using container primitives. In this article we explore those techniques and how our product, Forcepoint Threat Protection for Linux, fares against them.

Initrd Infection

The initial... Read More

Back in 2012, we saw the first malware abuse of cloud-storage services in the form of an information-stealing trojan. The trojan collected Microsoft Word and Excel files from affected PCs, archived them, and then uploaded the archive to the file hosting website, SendSpace, so that it could later be accessed by the cybercriminals behind it. Fast forward to today, and the same abuse has become a de facto standard for many cybercriminals, perhaps primarily for spreading malware. Free... Read More

The early years were tough years for the Plymouth colonists. To celebrate the success of their first harvest, they invited their neighbors, the Wampanoag tribe, to share in an autumn harvest feast in gratitude for their early help providing food to the colonists during the first winter when supplies were insufficient. The first Thanksgiving was meant to commemorate the collaboration between the two groups and to share in their collective bounty.

In much the same way, 2016 has been a... Read More