A sophisticated Phishing campaign targeting Microsoft 365 users is exploiting trusted infrastructure to bypass email security. Victims are tricked into calling fake support numbers, leading to the installation of stealer malware on their Windows machines. When email security fails, then more attacks reach the next typical line of defense, AV/EDR/XDR. Combine the social engineering with EDR/XDR weaknesses, any enterprise will wake up to a nightmare when these threat actors phish them. Unless, the enterprise deploys an additional layer of endpoint protection that does not employ any form of pattern-matching to detect malware. Instead, that layer employs controls-based protection that blocks what the malware needs to do despite it all.

The rise of ObscureBAT malware, with its clever use of fake CAPTCHAs and rootkits, exposes a hard truth: detection-based tools like EDR/XDR often can’t keep up with today’s evasive threats. That’s where AppGuard shines.
Our controls-based approach stops ObscureBAT by restricting what can run and what running applications can do—blocking malicious moves before doing harm. It’s the perfect complement to detection tools, creating a defense that’s both proactive and resilient.

One web browser for all web browsing can expose employer secrets and assets to greater risks. Three web browsers can be more secure than one by separating sensitive work from less sensitive work and from personal activities. Adding AppGuard to your endpoints, protects them from attacks, protects web browsers from their PC, protects PCs from their web browsers, and protects web browsers from other web browsers.

Cyber threats are increasingly targeting port and shipping operations, with traditional antivirus (AV) and endpoint detection and response (EDR) solutions often failing to stop sophisticated attacks. Recent incidents have shown that ransomware can cause massive disruptions, affecting global supply chains. This blog post delves into why existing defenses fall short and how enhancing malware protection can safeguard against these evolving threats.

Enterprises rarely reveal what endpoint protection tools were in place during a malware incident or breach. Given the size of EDR/XDR adopting enterprises, let’s recap why there are malware detection gaps, what malware incidents probably evaded EDR/XDR, and what enterprises can do to mitigate risks from their malware detection gaps.

Ultimately, AppGuard is the best solution for keeping the water flowing, the electricity on, and other vital infrastructure running when FBI Director Wray’s warning becomes devastating denial of service attacks. AppGuard is a controls-based tool based on three fundamental controls: launch, containment, and isolation. The combination of these defeats sophisticated attacks. The patented technology makes it practical; it automatically adapts to endpoint changes and unanticipated activities.

Like countless other malware samples, AppGuard stops attacks featuring Mallox ransomware by not allowing the actions it must successfully complete to achieve its goals. This blog post walks readers through how one predicts the outcome when malware runs on a host with controls-based endpoint protection such as AppGuard. Readers will also gain a better understanding of how detection-based anti-malware (AV, EDR, XDR, etc) differ from controls-based endpoint protection such as AppGuard.

Tools similar to ChatGPT will make detecting malware attacks even more difficult and generally make cyber risks worse for everybody. Read more here about how nearly every tactic of the Mitre ATT@CK framework will be impacted.

There are many pedantic frameworks about applying zero trust principles to rein in exorbitant cyber defense costs. The zero trust concept can be simpler than you might realize. Consider the use of devices (PCs, servers), networks, and cloud infrastructure: for every action allowed, something could go terribly wrong that requires somebody to respond when it […]

Based on ITRC’s annual 2021 data breach report, one should choose improvements in endpoint protection over other cybersecurity choices for 2022 should do more to improve malware risk mitigation and decrease IT/Sec-Ops costs. We believe the best way to achieve this is by filling detection gaps with zero trust WITHIN endpoints.