CodeHunter is defining the Zero Trust for Code category and the execution control plane that extends Zero Trust principles to software. Every artifact is untrusted by default. Trust is earned through behavioral verification.

Adapting to the Cybersecurity Skills Gap

In today’s digital age, cybersecurity has become paramount for organizations of all sizes. The demand for cybersecurity professionals has surged dramatically due to the growing number and complexity of cyberattacks. But supply has not met demand, as cybersecurity is not a widely popular education choice and is commonly one of the most dropped majors in college. In 2023 there were roughly 4 million cybersecurity professionals needed worldwide. The profession needs to almost double to be at full capacity.


Train Employees to Reduce Vulnerability to Phishing

In the ever-evolving landscape of cybersecurity threats, phishing is one of the most pervasive, and successful, attack vectors. This technique preys on human fallibility rather than exploiting technical vulnerabilities, making it particularly challenging to defend against. According to IBM, social engineering, the use of deceptive techniques to trick individuals into divulging sensitive information, accounts for 29% of breaches.


CodeHunter Launches New Enterprise Solution

Helping organizations solve tomorrow’s cybersecurity problems today

The modern cyber threat landscape is terrifying, even, and perhaps especially, for those of us who have lived in this environment for decades. State actors perpetrate global attacks against other governments. Critical infrastructure, such as hospitals and energy, is among their targets. And the work-from-home trend accelerated by the pandemic has only expanded the potential attack surface for cybercriminals large and small.

To address these increasingly severe cyber threats, CodeHunter has launched a new platform to hunt malicious code across the enterprise. Using a patented approach to behavior computation and binary analysis, CodeHunter automates the detection and analysis of dangerous code — and does it at scale.

CodeHunter: A New Enterprise-Grade Threat to Malware

CodeHunter picks up where existing cybersecurity solutions leave off, discovering vulnerabilities you didn’t know you had.

While today’s cybersecurity relies on signatures, sandboxing, or reverse engineering to determine if a specific file is malware, CodeHunter proactively detects and analyzes threats buried deep within your environment.

CodeHunter’s patented approach dramatically decreases the time to malware discovery and provides you with deep visibility across your entire enterprise. With our detailed analysis, your organization can protect itself from cybercriminals, narrow the cybersecurity skills gap, and automate what — until now — has been a slow manual process.

Learn how CodeHunter can automate threat hunting for your organization here.

CodeHunter: Automating Cybersecurity

Tomorrow’s cybersecurity today


Inexperience is one of cybersecurity’s biggest problems. Globally, 3.5 million cybersecurity jobs remain unfilled due to a lack of available talent and expertise. This shouldn’t come as a surprise, given that even entry-level cybersecurity positions require three or more years of experience.

Luckily, CodeHunter is helping to fix that problem.

CodeHunter Helps Bridge the Cybersecurity Skills Gap

“The whole idea behind CodeHunter was to take a very complex manual process, simplify it, and automate it,” says CodeHunter CTO Chris O’Ferrell.

Companies can rely on CodeHunter’s automated cyber defense system to continually scan executable files and proactively detect threats.

CodeHunter goes one step further than existing cybersecurity tools that only scan for known malware by exposing malicious behaviors hidden inside otherwise innocent-looking executable files.

By automating this search for suspicious behavior, CodeHunter completes weeks’ worth of manual reverse engineering in mere hours.

Give Your Cybersecurity Team a Jumpstart on Malware

Automated reverse engineering and code behavior analysis allows even entry-level cybersecurity professionals to quickly expose and analyze potential threats to their organizations’ systems, maintaining rigorous cybersecurity practices.

As CodeHunter CEO Larry Roshfeld says, “CodeHunter gives people the ability to rest easy knowing they’ve proactively protected themselves in the best possible way.”

Learn more about how CodeHunter can help your organization automate its malware detection and analysis process to bridge the cybersecurity skills gap.


What Is Malware — and Why You Should Give a Sh*t

It’s Time to Face Escalating Malware Threats

What Is Malware?

Malware is malicious software designed to infect your devices and networks — sometimes for financial gain and sometimes just for the thrill of causing trouble. It can gain unauthorized access to sensitive data, prevent access to your device and network in exchange for ransom, or sell your passwords to someone else — often on the Dark Web. In summary, its aim is to destroy.

While malware has been around since the ’80s, many of today’s threats are firmly future-facing — including extremely advanced, AI-driven malware that can evade detection and hide in code for years. This shouldn’t come as a surprise: technology is constantly evolving, and malware is no exception.

Malware’s Impact on Daily Life

2021 is being called the year of ransomware. Cyber attacks are more sophisticated, coordinated, and well-funded than ever — and they’re happening all the time. An organization is attacked by ransomware every 11 seconds — with annual damages projected at $20 billion. And that’s just ransomware, only one type of malware out of dozens. The total losses due to cybercrime in general are predicted to approach upwards of $6 trillion annually.

From government and financial institutions to small businesses, schools, and global corporations, organized cyber criminals are now ruthlessly attacking all industries — in addition to critical infrastructure like hospitals and transportation. The result? Cyber attacks are now threatening lives as well as sensitive data. According to the Wall Street Journal, a ransomware attack on a Las Vegas hospital chain “nearly brought Las Vegas hospitals to their knees” — and another at a New York trauma center stopped services and delayed care. To put it bluntly, people died from malware in 2021; it’s not just about loss of productivity and profits anymore — it’s about loss of life.

You don’t have to look far to find evidence of escalating malware threats:

  • Foreign attacks on the U.S. government were reported during the SolarWinds attack.

  • A zero-day attack in September at Microsoft allowed hackers to gain administrative control on Windows 10, 11, and Windows servers.

  • Ransomware at the Colonial Pipeline Company halted operations, disrupting energy consumers from Texas to New York.

  • Ransomware shut down meat processing plants at JBS, responsible for one-fifth of the nation’s meat supply. 

Know Your Enemy: The Common Types of Malware

To understand growing threats to personally identifiable information (PII) and business operations, it helps to know what you’re up against. These are the most common types of malware:

  1. Ransomware: Ransomware essentially encrypts and “kidnaps” your files and systems — demanding ransom in exchange for a decryption key.

  2. Viruses: Viruses are malicious code designed to replicate and spread between devices when a user host triggers activation, causing damage and oftentimes destroying devices.

  3. Worms: Worms are stand-alone malicious programs that can replicate and spread themselves to other devices and computers across a network.

  4. Spyware: True to its name, spyware is any malware designed to spy on you and monitor your behaviors to collect PII. Spyware can discover passwords to sensitive accounts, including your financials.

  5. Keyloggers: Keyloggers record your keystrokes in order to gain access to your accounts.

  6. Trojan Horse: A Trojan Horse is a malicious program that is downloaded onto your computer — often hidden inside an innocuous-looking email (hat tip to Virgil). A common way of gaining access to your corporate devices and systems, a Trojan Horse hides by mimicking legitimate programs.

  7. Malvertising: Malvertising spreads malware through legitimate online advertising. As if in-stream video ads weren’t awful enough.

  8. Adware: Adware is software that automatically generates advertisements on your device without your consent.

  9. Rootkits: Rootkits are hidden malicious software and programs that allow administrative access to devices and systems.

How Does Your Device Get Infected With Malware?

From getting phished to downloading apps with malicious code, there are many different ways malware can infect your devices. Most of them are common mistakes people make every single day. In cybersecurity research, it’s called negligence — a fancy way of saying someone screwed up, big time.

According to a 2021 Cyber Security Trends Report from PurpleSec, 98% of all attacks are social engineering — think phishing (a bad guy pretending to be a good guy to get sensitive information from a trusting user) and spam emails. Social engineering manipulates a person to share PII, sensitive data, or offer up credentials that grant administrative access to systems and networks.

Occasionally, malware can infect your devices through vulnerabilities in the operating system or through compromised software. The riskiest type of vulnerability is a zero-day threat. In a zero-day attack, a bad actor exploits a previously unknown vulnerability in applications, servers, systems, or networks. Other times, devastating attacks occur despite known vulnerabilities and available patches — because people fail to patch and update their applications and systems.

Here are the most common ways your devices get infected with malware:

  1. Social Engineering

  2. Phishing and Malspam Emails

  3. Downloading Apps With Malicious Code

  4. Visiting Non-secure Websites

  5. Malvertisements and Adware

  6. Vulnerabilities in the Operating System

  7. Vulnerabilities in the Network

  8. Compromised Software

I have an antivirus program on my computer, so I’m safe, right?

No. Your car has brakes and seat belts. It doesn’t mean you can’t get in an accident, does it?

How Can You Detect and Remove Malware?

Before you can remove malware, you need to be able to detect it. Sometimes, your device simply stops working — or the malware blatantly pops up on your screen. Most of the time, however, malware is harder to detect. Malware may stay hidden in software for six to seven years before it’s triggered. More advanced malware is designed to hide as it operates, so it can access more information and infect more devices.

If you suspect one of your devices has been infected, get help, fast, from an expert. The longer you wait, the worse it will be. Pretending everything is fine is not going to make anything better.

To detect malware and remediate the problem, consider the following solutions:

Advanced Malware Detection: If you’re working with a larger tech stack or want to confirm your files are clean, you’ll need more advanced malware detection solutions like CodeHunter Pro. CodeHunter Pro finds malware and suspicious behaviors in executable files without sandboxes, signatures, or source code — and detects malware that might be hidden or lying dormant. Zero-day attacks and sleeper code can’t hide, even if obfuscated or scattered throughout software code.

Strong Antivirus Programs: A strong antivirus program can detect — and often remove — many types of malware.

Manual Removal: Rogue registry keys, individual files, and malware designed to prevent removal are common — you’ll need to manually remove the malicious software.

Restore a Backup: You can try restoring your data to a known point before malware infected your devices.

Insider Threats: The Danger Within Your Own Walls

Reassessing Your Cybersecurity Framework From The Inside Out

Remember the days when you could build a secure perimeter around your business and feel safe? With corporate boundaries shifting from the office to remote work locations, company leaders and cybersecurity pros must secure sensitive data, systems, and networks from the inside out.

Insider Threats: A Costly Mistake

Hollywood encourages the idea that insider threats are often due to malicious actors housed within our own walls. In reality, internal leaks are far less glamorous — and mostly unintentional.

According to a 2021 Cyber Security Trends Report from PurpleSec, 63% of security breaches stem from negligence. This includes sending emails to the wrong address, failing to protect passwords, or falling victim to social engineering. In fact, 98% of all attacks are social engineering — most often phishing attacks that manipulate people into sharing personal information, sensitive data, or credentials that allow access to confidential systems and networks.

Insider Attacks: A Rising Concern

While far less common, insider attacks are a rising concern. Malicious internal attacks are often linked to disgruntled employees — or former employees — with access to sensitive data.

On a recent episode of OzCyber Unlocked, two investigators share their experiences of intentional insider attacks. One investigator uncovered the identity of a resentful employee who stole data from his company’s client and held it for ransom in an act of revenge. A separate investigation discovered several illegal hotspots at a financial institution, three of which were found to be suspicious — including one device planted under the floorboards.

A recent BBC article highlights employees secretly taking on additional full-time jobs. These overemployed individuals are typically looking to game the system, increasing their income while asserting a sense of control. It’s easy to imagine this scenario going wrong and a conflicted employee, with access to sensitive data across several companies, becoming an insider threat.

A New Framework: A Holistic Approach to Cybersecurity

You can assume your organization faces some degree of risk — what kind and how much depends both on your cybersecurity framework and the solutions you adopt to secure your data. Consider combining clear policies with the right methods and tools to close security gaps and address insider threats — including the following basic recommendations:

Staff Training

Employees at all levels, especially leadership, must be educated about strong passwords, multi-factor authentication (MFA), and cybersecurity best practices.

Role-Based Access Controls

Access to sensitive data should be limited to those employees who need it to do their current jobs.
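The recommendation above is easier to act on when the "need it for their current job" rule is encoded rather than remembered. The following is an added illustration, not CodeHunter's code or any product's API: a minimal role-based policy in which access is denied by default, a job change removes the old role instead of stacking it on top of the new one, and an access-review function lists who can reach a sensitive resource. The roles, resources and user names are constructed for the example.

```python
from dataclasses import dataclass, field

# Constructed sample policy: role -> set of (resource, action) pairs it grants.
# Each role holds only what that job needs; no role grants blanket "admin".
ROLE_PERMISSIONS = {
    "payroll_clerk": {("payroll_db", "read"), ("payroll_db", "write")},
    "auditor":       {("payroll_db", "read"), ("audit_log", "read")},
    "engineer":      {("source_repo", "read"), ("source_repo", "write")},
}


@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)


def effective_permissions(user):
    """Union of the permissions granted by the user's *current* roles.
    A role name not in the policy grants nothing, so a typo fails closed."""
    perms = set()
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def is_allowed(user, resource, action):
    """Deny by default: allowed only if some current role grants the pair."""
    return (resource, action) in effective_permissions(user)


def change_job(user, old_role, new_role):
    """Move a user to a new role. The old role is removed rather than kept,
    so access follows the current job instead of accumulating over a career."""
    user.roles.discard(old_role)
    if new_role is not None:
        user.roles.add(new_role)


def access_review(users, resource):
    """Who can touch a resource, and how. This is the list a periodic review
    compares against each person's actual duties to spot excess access."""
    report = {}
    for u in users:
        actions = sorted(a for (r, a) in effective_permissions(u) if r == resource)
        if actions:
            report[u.name] = actions
    return report


if __name__ == "__main__":
    alice = User("alice", {"payroll_clerk"})
    bob = User("bob", {"engineer"})
    print(is_allowed(bob, "payroll_db", "read"))      # False: engineers have no payroll need
    change_job(alice, "payroll_clerk", "auditor")
    print(is_allowed(alice, "payroll_db", "write"))   # False: write went away with the old job
    print(access_review([alice, bob], "payroll_db"))  # {'alice': ['read']}
```

The two behaviours worth noticing are the fail-closed lookup (an unknown or mistyped role grants nothing) and the fact that `change_job` discards the previous role; role accumulation across job changes is the usual way "need to know" quietly erodes.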

Stay Current with Security Patches for Commercial Software

Commercial software should be kept current and tested regularly.

Evaluating Internally Developed Software

Internally developed applications, especially legacy applications, can provide an even greater opportunity for damage than commercial software. Put in place procedures for assessing potential exposure from custom applications.

Learn More:

For more information on preventing insider attacks, see Microsoft’s “Uncovering Hidden Risks” podcast series.