R9B understands the cognitive aspects of cyber operations. Our curriculum provides the hands-on technical skills students require to attain a variety of advanced cybersecurity qualifications. We instill the knowledge, skills, and abilities necessary for our students to defeat the adversary. Below are our available courses. Please check back often as our course offerings are updated regularly. Government organizations, please contact R9B directly via training@root9B.com for pricing and purchasing information.
Retail Point-of-Sale (PoS) systems remain a top target for the financially motivated hacker. Large-volume theft of payment card data is not only its own segment of financial crime; it also serves to facilitate other, even more harmful motives of today’s criminal elements. For the businesses targeted by cyber criminals, the negative effects are far-reaching, with impact on brand reputation, consumer and investor confidence, and business growth strategies. With such a lucrative target as payment card data, adversary groups continue to adapt their Tactics, Techniques, and Procedures (TTPs) in response to defenders’ changes in security practices. One effective attacker TTP is to use so-called “fileless,” or memory-resident, malware to carry out attacks against retailer PoS systems.
root9B discovered an advanced, targeted PoS intrusion focused on harvesting payment card information for exfiltration. The adversary’s campaign has active and operational Command and Control (C2) servers. root9B’s analysis determined that the adversary is using advanced memory-resident techniques to maintain persistence and avoid detection. The malware likely required a significant amount of time and knowledge to create. We typically see techniques at this level from well-resourced, well-funded, motivated adversaries.
This ongoing campaign has targeted numerous organizations and their PoS systems. root9B uncovered the TTPs utilized and describes them in a detailed analysi