CyberPoint Blog

We not only protect what's invaluable, but we write about it too.

Malicious Browser Extensions

As we do more and more of our day-to-day tasks online, web browsers have become an irreplaceable tool for many people. Often, we augment the default behavior of these browsers with extensions that provide custom functionality and make the tasks we perform online easier. However, browser extensions introduce a large attack vector that could be used to serve us advertisements, circumvent web security features, or even gain access to our computer. In the case of mobile apps, relying on the official "store" significantly reduces the risk of installing malicious software. Unfortunately, the official web stores for browser extensions are not nearly as effective at recognizing malicious extensions: there have been several cases of malicious browser extensions making it onto the Google Chrome Web Store and being ranked ahead of the legitimate extensions in search results:

http://www.pcworld.com/article/3027642/security/googles-chrome-web-store-lists-malicious-chrome-apps-ahead-of-legit-extensions.html

Since CyberPoint is in the business of protecting what is invaluable to you, I hope to provide some guidance on how to better avoid malicious extensions.


Using Compression to Compare Objects

Posted April 13, 2017 by Riva Borbely

In my previous blog post, I discussed our endeavor to benefit from unsupervised learning on CyberPoint's malware dataset. One of the more intriguing tools I played with during that effort was the normalized compression distance (NCD).


Share your Indicators of Compromise

Posted January 11, 2017 by Kirk Hedelius

At CyberPoint, we pride ourselves on mastering and using all effective strategies to prevent, discover, and fix cyber attacks. Over the past decade, a promising approach, the use of Indicators of Compromise (IOCs), has moved from specialized government and military applications into widespread use.


Learning in the Dark: Lessons Learned in Unsupervised Learning

Posted December 7, 2016 by Riva Borbely

CyberPoint has seen great success in using supervised machine learning for malware detection. A while back, however, some colleagues and I set out to investigate whether we could make any interesting discoveries by applying unsupervised learning to CyberPoint's malware dataset.


Logging Keystrokes with Event Tracing for Windows (ETW)

Posted October 22, 2016 by Nate Rogers and Stan Chua

As a follow-up to our talk at Ruxcon, "Make ETW Great Again", we wanted to go into a bit more depth than we could cover in our hour-long talk. While our talk consisted of multiple examples of ETW usage, detecting ransomware, USB keylogging, and sniffing SSL encrypted data from WinINet (our code can be found here:


The Human Interface Device (HID) Attack, aka USB Drive-By

Posted October 18, 2016 by Mark McLarnon

As a part of our effort to educate, assess and train (EAT), we want to highlight a physical host attack technique that is extremely cheap and simple to pull off, and unfortunately yields a significant return for the attacker if successful. The technique is commonly referred to as a "Human Interface Device (HID) attack" or a "USB drive-by".


Software Defined Security at CyberPoint

Posted September 23, 2016 by Zach Miller

Software-defined networking, commonly referred to as SDN, has received a lot of press recently regarding both the technology itself and the impact that it will have in the networking world. At CyberPoint, being a cyber security company, we got curious and decided to take a look at the impact that SDN could have on security.


The Minimum

Posted May 6, 2016 by Rich Arnold, CRO

"If the minimum weren't good enough, it wouldn't be the minimum."

It's not just a rationalization of laziness. It's often the correct approach to compliance with externally mandated cyber security requirements.
