Project TajMahal – a sophisticated new APT framework
Executive summary
‘TajMahal’ is a previously unknown and technically sophisticated APT framework discovered by Kaspersky Lab in the autumn of 2018. This full-blown spying framework consists of two packages named ‘Tokyo’ and ‘Yokohama’. It includes backdoors, loaders, orchestrators, C2 communicators, audio recorders, keyloggers, screen and webcam grabbers, documents and cryptography key stealers, and even its own file indexer for the...
The Industrial Control System Visibility Imperative
Making Our Security Portfolio Simpler — and Better
Since its inception in 2009, Incapsula has been a proud part of Imperva, the analyst-recognized cybersecurity leader.
However, cybersecurity needs are evolving, and so are we.
On April 7th, we will officially retire Incapsula.com. All of the great Incapsula web site content that wasn’t already migrated to Imperva.com will move on that date. You can continue to access Incapsula...
BasBanke: Trend-setting Brazilian banking Trojan
BasBanke is a new Android malware family targeting Brazilian users. It is a banking Trojan built to steal financial data such as credentials and credit/debit card numbers, but not limited to this functionality. The propagation of this threat began during the 2018 Brazilian elections, registering over 10,000 installations to April 2019 from the official Google Play Store alone.
This malware...
Roaming Mantis, part IV
One year has passed since we published the first blogpost about the Roaming Mantis campaign on securelist.com, and this February we detected new activities by the group. This blogpost is a follow-up to our earlier reporting about the group, with updates on their tools and tactics.
Mobile config for Apple phishing
Our key finding is that the actor continues to seek...
Not just for Processing: How Kafka Streams as a Distributed Database Boosted our Reliability and Reduced Maintenance
The Apache Kafka Streams library is used by enterprises around the world to perform distributed stream processing on top of Apache Kafka. One aspect of this framework that is less talked about is its ability to store local state, derived from stream processing.
In this blog post we describe how we took advantage of this ability in Imperva’s Cloud...
Centrify Empowers Our Partners to Unleash P.E.A.K. Performance
I’m thrilled today to debut Centrify P.E.A.K. Performance, our new partner program!
This launch is the culmination of a long period of listening. We’ve spent months listening to our partners, customers, and internal stakeholders to construct a program from the ground up that we feel empowers the channel to successfully sell Centrify’s cloud-based Zero Trust Privilege services.
First, a step back....
Imperva Wins CRN 5-Star Partner Program 3rd Year in a Row. Here are Some Stats Behind Why.
A lot goes into building a good IT channel program. A truly effective program should meet the vendor’s needs while also delivering attractive benefits to our partners.
A successful channel program should deliver a number of key elements, including:
partner profitability
partner self-service access to tools and training to help them effectively sell and service customers
demand creation tools
partner access to formal...
Bots and botnets in 2018
Due to the wide media coverage of incidents involving Mirai and other specialized botnets, their activities have become largely associated with DDoS attacks. Yet this is merely the tip of the iceberg, and botnets are used widely not only to carry out DDoS attacks, but to steal various user information, including financial data. The attack scenario usually looks as...