Detecting Cyber Recon Using Network Signals

Author: David Monnier What's the value of a packet? How about three packets? In this post I'll show how you can identify potential reconnaissance being conducted on a network, including identifying the potential target, by taking specific note of one type of ICMP packet being produced by your border device. ICMP, or Internet Control Message... Continue Reading →

Azorult – what we see using our own tools

The Value of Being Able to Perform Threat Analysis outside the Boundaries of Your Enterprise... Looking at Dmitry Bestuzhev’s piece about AZORult cryptominer spreading as a fake ProtonVPN installer[1],   I took a glance in Augury at what we have for the malware hashes he provided and many are still very low in terms of their detection... Continue Reading →

May 6 – 7: RISE Colombia

Team Cymru is pleased to announce RISE Colombia! Come see us there! We will be in Colombia from May 6 - 7. We are happy to be working with our partners from LACNIC to host this event alongside LACNIC33! For more information and to register for this event, please register here. Don't know the password?... Continue Reading →

January 13 – 15: RISE Finland

Team Cymru is pleased to announce RISE Finland! Come see us there! This event runs from January 13 - 15, 2020. We are happy to be coming back to the beauty of Finland and the Baltic Sea a second time! For more information and to register for this event, please register here. Don't know the... Continue Reading →

December 2 – 4: RISE USA

Team Cymru is pleased to announce RISE USA! Come see us there! This event is slated to take place December 2 - 4, 2019, in beautiful Lake Mary, Florida, where Team Cymru has our global Headquarters. We are happy to invite you to our backyard! For more information and to register for this event, please... Continue Reading →

Up ↑