Talk to us.

Want to talk to a live person about how good our product is? Send us your information.

our latest news

Magecart Group 4 – A link with Cobalt Group?

The HYAS Threat Intel team partnered with Malwarebytes to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Filter
HYAS Named 2020 TAG Cyber Distinguished Vendor 

HYAS, a provider of attribution intelligence and solutions that help cybersecurity teams identify specific threats targeting their organization and the adversaries behind them, announces today its selection by TAG Cyber as a Distinguished Vendor in this year’s 2020 Security Annual.

Hunting APT33 Campaign Infrastructure

Geopolitical risk is just one of many considerations that global enterprises and institutions must factor into their businesses, and when married with a firm’s information security, those risks can take on entirely new dimensions. Such has been the case with the current geopolitical environment when considering tensions between Iran and other global powers.

CVE-2017-0199 Targeting Brazilian Users

Recently we came across an interesting sample that warranted further investigation. The file in question was named “Reservar Grupos, Eventos e Feiras Groups, Events.docx” This particular sample (MD5: 52421a545a7472cf1451b99d914ea2dd) exploits CVE-2017-0199, which exploits the HTA handler in vulnerable versions of Microsoft Office when opening specially crafted RTF files. This CVE is heavily used to distribute […]

Krebs on Security: The Rise of “Bulletproof” Residential Networks

Brian Krebs examines how cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections. Traditionally, those connections have been mainly hacked computers, mobile phones, or home routers. But this story is about so-called “bulletproof residential VPN services” that appear to be built by purchasing or otherwise acquiring discrete chunks of Internet addresses from some of the world’s largest ISPs and mobile data providers.

New Advanced Phishing Kits Target Digital Platforms

The difference between an obvious phish and a successful one is often the technical skill and attention to detail of the phish’s author. Gone are the days of poorly designed phishing kits and obvious deception; instead, a number of phishing kit authors are using increasingly sophisticated tactics to evade detection and trick targets into disclosing […]

Exploring a Lokibot and Azorult Actor’s Infrastructure

Investigating attacker infrastructure is the bread and butter of HYAS Comox. One of the routine tasks we need to do as investigators and analysts is to find malware samples and infrastructure related to a given incident or report. Comox makes this task quick and painless, especially when combined with our Maltego transforms. In this post, […]

Recent Ursnif Campaign Infrastructure and the Additional Items to Keep an Eye On

In recent months, there are has been a resurgence of Ursnif (aka Gozi ISFB) related campaigns. Since 2014, when the source code for the one of the more popular banking trojans was leaked, adversaries have been busy at work adding new features and capabilities to the malware. Some of these features and functions were highlighted […]

Adversaries Employing new TTPs to Launch Credential Stuffing Attacks

Over the past few months, HYAS has observed a noticeable increase in the number of credential stuffing attacks targeting multiple verticals including the enterprise market. “A credential stuffing attack involves attempting to use credentials that were publicly exposed during previous breaches in an automated fashion against new targets.” Multiple customers and partners reached out to […]

Phishing Attacks Continue to Challenge Healthcare Industry

Over the past few months, HYAS has observed a significant increase in the number of domains associated with crime-as-a-service vendors focused on phishing, spamming, and malware distribution. The threat of phish-facilitated malware looms large over the healthcare sector. Research shows that phishing techniques are frequently used as initial delivery vectors for malware attacks, whether ransomware […]

Why Attribution Really Is Not A Choice: Why Response Cannot Be Conducted Effectively Without Attribution

Introduction Over the last dozen years, the concept of attribution has been introduced into the broader cybersecurity community and conversations. As a result, the concept – or some variation of the concept, has become a persistent element of conversation in our industry. Whether being employed by intelligence analysts, SOC analysts, threat researchers, threat hunters, or […]

Comox Maltego Transforms on the Hub!

We are very excited to let you know that Maltego transforms for all your favourite Comox data sets are on the Maltego Partner Hub.

Leveling the Battlefield

“Battles are won because of asymmetry,” he says. The victor always has the advantage in some way. In the cybersecurity war, the attackers have long had the upper hand because they outclass the defenders in two key areas: information and time.

HYAS Adds Infosec Visionary Ariel Silverstone as Data Protection Officer, Secures Funding From Susa Ventures

HYAS, a leading provider of attribution intelligence solutions for infosec and cybersecurity professionals, today announced that long-time industry visionary and investor, Ariel Silverstone, has joined as Data Protection Officer. Building on the momentum of its recent $6.2 million Series A round led by M12, Microsoft’s venture fund, the company has also secured additional funding from […]

Cyber Attribution for Enterprise

The reason I bring this up is that the familiar cyber security concept of attribution can be done the hard or easy way – although for most organizations, the choice is pre-made. Specifically, the relatively straightforward way to establish attack origin is to use a snitch, leak, or tap – and if you’re NSA, then this is how you would do it. But if you’re the rest of us, then you must rely on more complex technical clues to determine accurate attribution.

Microsoft Pours Millions into Startup that Nails Cybercriminals

Chris Davis, Hyas’s CEO and cofounder, describes his company’s mission as providing “to-the-doorstep attribution,” meaning that it pinpoints attackers’s whereabouts and helps law enforcement apprehend them. “My drive is to locate the bad guy,” he tells Fortune.

Next Generation of Information Security Technology meets the demands of growing Cybersecurity Sector

As the global economy becomes increasingly digital, the importance of protecting organizations against cyber attacks continues to grow. WINN will help HYAS Infosec Inc. – a Vancouver Island-based information security firm – to commercialize their next generation cybersecurity platform while creating new economic opportunities and employment in the fast-growing threat intelligence sector right here in B.C.

Uncovering The Cyberattacker, Not Just The Cyberattack

Corporates around the world are expected to spend an estimated $96 billion on cybersecurity efforts this year, but with cybercriminals continuing to rake in the money, that spend may be in vain. It’s a fact that Jeff Spencer, COO of cybersecurity firm HYAS, described as “sad.”

Cybersecurity Pioneer HYAS Raises $6.2M Series A Round Led By M12

HYAS, a leading provider of attribution intelligence tools for infosec and cybersecurity professionals…

Attribution Intelligence: Illuminating the Shadows

HYAS doesn’t like letting bad guys get away. For three years, we’ve been working on something that helps law enforcement and intelligence analysts nail them to the wall.

10 to Watch 2018: HYAS Infosec

Despite security breaches like the Equifax fiasco, the information security industry has made only marginal improvements in protecting users and networks.