


Security Operations Team
- Nov 8, 2019
- 2 min
Capesand Campaign being watched closely
The team at Jigsaw Security is closely watching a campaign known as Capesand. It appears that the exploit kit is in active development, and we have been tracking activity associated with the threat actor. The exploits observed are not all new, but newer vulnerabilities are being leveraged to gain a foothold on victims' computers. Observed Vulnerabilities Some of the observed vulnerabilities include CVE-2019-0752 aimed at targeting Internet Explorer users and CVE-2018-4878 a

Jigsaw Security
- Sep 10, 2019
- 2 min
Cloudflare now hurting just as much as it is helping
During a recent review of threat intelligence data, our team outlined something we have known for quite a while. In short, Cloudflare, the provider that protects companies from DDoS attacks, is also propagating malicious content and caching it even after it has been taken down elsewhere. We previously reported on some issues with Verizon in which we observed caching and CDNs hosting thousands of unique malware samples that updated daily, so we suspected this same issue would also

Security Operations Team
- Jul 18, 2018
- 1 min
DASH Cryptocurrency Mining Campaign
We have been watching a campaign that appears to be generating quite a bit of revenue for the threat actors. We started seeing this a few weeks back but the level of activity is increasing so we thought we would share some information with our readers. A known accomplice The domain associated with this activity www.pvtntwk[.]com is known to the Jigsaw Security team as well as VirusVault. We started seeing reports of malware being pushed from this domain starting a few weeks b

Security Operations Team
- Jun 23, 2018
- 5 min
Fileless Malware and the Demise of Anti-Virus
One of the most common questions we get at Jigsaw Security is whether or not Anti-Virus protection is enough. When we tell our customers that we don't run Anti-Virus, some ask why and others tell us we're crazy. In fact, we have not run persistent Anti-Virus products since 2012. The reason is that Anti-Virus will not detect several types of malware and is, in our opinion, wholly outdated. This is why vendors such as Symantec and OpenText use endp

Anonymous Contributor
- Jan 22, 2018
- 4 min
APT28 Ramping Up and Fast...
Jigsaw Security is aware of a highly successful campaign to target Government and security industry professionals the world over. On 18 January, 2018 Jigsaw Security detected highly suspicious traffic on Windows, Linux, Android and Mac devices. We have seen similar information published from Lookout Security and at first we thought that it was just another campaign. What is troubling is that the indicators being shared are now outdated and the threat actors have moved on to a

Development Team
- Oct 31, 2017
- 2 min
Elasticsearch, MISP and Maltrail Integration
The Security Development Team is pleased to announce that we are in final testing of an Elasticsearch, MISP (Malware Information Sharing Platform) and Maltrail sensor integration, our EMM solution. We expect to release the EMM VM on November 1st, 2017. The VM will only be available as open source, but those customers wanting to use Jigsaw Threat Intelligence must subscribe to get an API key for our malware feed. Maltrail: Maltrail is a malicious traffic detection system that is

Jigsaw Security Enterprise Intelligence Team
- Aug 25, 2017
- 3 min
Shifts in Antivirus - From our perspective
One of the things we have noted is that there is a shift away from Anti-Virus products and a move toward better technologies such as network traffic string detection. As we reported earlier this year, we are seeing very specific attacks on Anti-Virus technology itself. In fact, we have seen some actors targeting the Anti-Virus ecosystem by exploiting the fact that Anti-Virus has to run as a privileged process to actually be effective. Because of this, hackers are starting to target

Security Operations Team
- May 14, 2017
- 1 min
WCRY Killswitch Engaged, Killswitch Removed
In case you haven't been following the recent news, a new variant of malware known as WCRY has been causing havoc in several countries, with limited exposure so far in the US. What is interesting is that the author of the malware included a killswitch that was activated by a security researcher as soon as he identified it. This slowed the initial infection but has since been removed, with additional samples being spotted that do not require the domain that was sinkholed to infec