Hunting for Rogue PowerShell Profiles

During the earliest phases of an intrusion, attackers typically move to establish persistence on at least a subset of compromised systems. This might be to ensure that they can easily regain access to the victim environment, such as via a backdoor, or to keep other forms of malicious code running, such as a keystroke logger....

Going Back to Basics to Prevent Ransomware Attacks

Ransomware attacks are now daily news as new malware families emerge with nearly the same frequency and enterprises increasingly become the targets. In fact, ransomware has become so pervasive the US and Canada this month issued a joint cyber alert warning about the recent surge in attacks. Ransomware typically enters a network as a seemingly...

On Stage at the 2016 RSAConference

Q&A with Tanium’s Ryan Kazanciyan & Andre McGregor Two familiar Tanium faces will take the stage during the 2016 RSAConference next week: Director of Security Andre McGregor will speak on “The Shadowy Cyber Attack — State Sponsors of Terror and Cyber Terrorists” on Wednesday, March 3 and Chief Security Architect Ryan Kazanciyan will be presenting “IOCs are...