Picus Security Blog

Picus 10 Critical MITRE ATT&CK Techniques: T1055 Process Injection

At the end of February, the RSA Conference 2020 attracted 36,000 participants, 704 speakers, and 658 exhibitors. In this blog post, we highlight five noteworthy themes from the RSA Conference 2020.

Are you crystal clear on which cyber threats pose a significant risk to your business? In this article, we outline what you need to know to keep pace with the speed of change to reduce your exposure.

Unaware that current security controls are failing in silence. This blog discusses in-depth tips on dwell-time metrics and how to complete these strategies into your security posture?

We revealed obfuscated Visual Basic codes in the first part of the Emotet Technical Analysis series. In this second part, we analyze the PowerShell script in the VBA codes.

In this second part, we analyzed the PowerShell codes in the Emotet malware document. Emotet incorporates various obfuscation and evasion techniques to avoid detection, and these techniques change over time.

Sodinokibi ransomware has been responsible for a series of high-profile attacks since April 2019. In this blog, we analyzed a sample of Sodinokibi ransomware spread by spearphishing emails.

On New Year’s Eve, foreign currency exchange provider Travelex took all its systems offline following a Sodinokibi ransomware attack. This article reviews emerging ransomware attacks and actionable insights to prevent them.

Gartner has just named Picus Security a “Cool Vendor” in Security and Risk Management 2H19. We are thrilled and honored to receive this recognition.

This blog post discusses where Breach & Attack Simulation (BAS) fits into vulnerability scanning, penetration testing and red teaming continuum.