Indicators of compromise (IOCs) are an incredibly important forensic artifacts which, as the name suggests, are used in incident response and threat research to discover if a system has been compromised. They come in various forms, for example, unusual outbound network traffic, an MD5 file in a temporary directory, or even log-in irregularities. One class of IOCs so far resistant to detection by traditional methods relates to the use of external content in web-based attacks.
At Black Hat Europe earlier today, Trend Micro senior security researcher Marco Balduzzi, explained how a new machine learning approach can reap fantastic results for early detection of such threats. Continue reading →
Today’s IT security bosses are assailed from all sides by a huge variety of online threats. They’re designed to exploit known and unknown vulnerabilities across cloud, mobile, virtual and hybrid environments. And increasingly, they’re developed to outwit traditional signature-based tools. Yet the impact of these threats has never been greater. Data breaches and service outages can lead to heavy industry fines, damage to the brand, lost customers, remediation and clean-up costs, and even heft legal bills.
That’s why we have developed a new statistical-based approach designed to learn as it goes to detect modern unknown threats. This XGen approach was revealed at Black Hat today by senior researcher, Marco Balduzzi. Continue reading →
We have been successfully protecting consumers and organisations around the world for over 28 years now. And if anyone is wondering what the secret to sticking around for so long is, I’d have to say that our forward-looking threat researchers have played an absolutely vital role. Their hard work predicting where the next major threats will come from lays much of the groundwork for our industry leading product set and has helped differentiate the company as a reliable source of ground-breaking research.