Every day, a renowned hospital serves the needs of over a million patients, delivering not only world-class care but also hope for healthier futures. But behind the scenes, the hospital’s small but mighty security team was feeling the strain. With two hospital campuses, multiple regional centers, and more than 50 care locations, the pressure to […]

The post Lessons From the Field: How a Hospital Turned Cyber Challenges Into a Success Story  appeared first on Binary Defense.

Written by ARC Labs contributors, John Dwyer and Eric Gonzalez ARC Labs recently capture and analyzed the second and third stage payloads used during a Cleo MFT compromise. The compromise is a result of exploitation of CVE-2024-50623 which allows for unauthorized remote code execution. Additional reports suggest that exploitation of the vulnerability continues to be possible even after […]

The post Cleo MFT Mass Exploitation Payload Analysis appeared first on Binary Defense.

The complexities of cybersecurity often seem insurmountable for large enterprises. For one global manufacturing company, this was a lived reality. With a workforce of over 60,000 employees, more than 450,000 clients, and a steady stream of mergers and acquisitions, their security team faced challenges that felt increasingly impossible to solve. Yet, their journey toward building […]

The post Lessons from the Field: How a Manufacturing Giant Transformed Its Security Posture  appeared first on Binary Defense.

Written by ARC Labs contributor, Shannon Mong Threat Overview  Binary Defense ARC Labs’ threat researchers recently dissected a Rhadamanthys Stealer infection chain to uncover detection opportunities that defenders can leverage to strengthen organizational security. In this analysis, we provide general detection guidance and actionable queries for detecting Rhadamanthys Stealer.  Recent Campaign Insights  Rhadamanthys Stealer surfaced on underground […]

The post Rhadamanthys Stealer Analysis for Detection Opportunities  appeared first on Binary Defense.

With nearly every MSSP and Security company claiming to do Managed Detection and Response (MDR) it’s more important than ever to choose the right MDR provider. Before you start evaluating potential partners, it’s crucial to step back and clearly define your organization’s security objectives. This not only helps in selecting the right provider but also […]

The post How to Define Your Security Objectives Before Choosing an MDR Provider  appeared first on Binary Defense.

Written by ARC Labs contributors, John Dwyer, Eric Gonzalez at Binary Defense and Tyler Hudak at TrustedSec In cybersecurity, the threats we don’t see—or don’t expect—often pose the greatest danger. Recently, this became all too clear when three unmanaged AIX servers, sitting exposed on the internet, opened the door for a China-Nexus Threat Actor to launch an […]

The post Shining a Light in the Dark – How Binary Defense Uncovered an APT Lurking in Shadows of IT appeared first on Binary Defense.

Integrating Binary Defense Dedicated Security Resources into your team brings deeper insights and proactive defense, far beyond what staff augmentation can offer.

The post How Our Dedicated Resources Differ from Staff Augmentation  appeared first on Binary Defense.

How Malware Uses Sleep Cycles to Avoid Detection

The post Understanding Sleep Obfuscation appeared first on Binary Defense.

"Fight Your Enemy Where They Aren't - Sun Tzu"

The post Cybersecurity Moneyball Part 2: Binary Defense’s New Paradigm in Malware Detection appeared first on Binary Defense.

Threat Hunting has transitioned from being a luxury to a fundamental necessity

The post The Imperative of Threat Hunting for a Mature Security Posture   appeared first on Binary Defense.

This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research Analyst Kevin Haubris and Eric Gonzalez of Binary Defense. ARC Labs recently recovered a tool leveraged in Qilin ransomware attacks aimed at impairing defenses by disabling popular endpoint detection and response […]

The post Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks appeared first on Binary Defense.

"When your enemies are making mistakes, don't interrupt them. They’re just giving you an out, man. They’re just giving it to you. Take it and say thank you." (Moneyball [Motion Picture], Columbia Pictures)

The post Cybersecurity Moneyball Part 1: Managed Deception for Easy Outs  appeared first on Binary Defense.