Fidelis Cybersecurity Launches Threat Intelligence Database and Freeware Tools to Help Security Practitioners Find Attackers Faster

Barncat™ Threat Intelligence Database provides access to 100,000+ intelligence records of remote access tool configuration settings; freeware tools hunt for threats on endpoints and locate credit card PCI data

BETHESDA, Md.--()--Fidelis Cybersecurity, the leading provider of products and services for detecting and stopping advanced cyberattacks, today announced the availability of a new threat intelligence database and freeware tools designed to help the security community stop attacks and prevent data theft. The new resources, available at no cost, include the Barncat™ Threat Intelligence Database, the ThreatScanner™ tool for finding malware residing on an endpoint, and CCNumberFinder™ to support PCI DSS compliance.

“After years of ongoing research and thousands of hours of incident response engagements, we’re eager to give back to the security community by sharing some of the threat intelligence we’ve curated and free tools we’ve developed”

“After years of ongoing research and thousands of hours of incident response engagements, we’re eager to give back to the security community by sharing some of the threat intelligence we’ve curated and free tools we’ve developed,” said Fidelis Cybersecurity Vice President of Threat Research Hardik Modi. “By making these tools and intelligence available to researchers and security analysts, we hope organizations will be able to find and stop attackers faster and more efficiently.”

The Fidelis Barncat™ Intelligence Database includes more than 100,000 records with configuration settings extracted from malware samples gathered during Fidelis’ incident response investigations and other intelligence gathering operations over the past decade. The typical remote access tool (RAT) malware sample includes a large number of configuration elements, including those controlling the behavior of the malware on the host and others related to command-and-control traffic. Barncat is updated with hundreds of new configuration records each day. By providing analysts with this extensive collection of extracted malware configuration settings, Barncat enables security practitioners to identify attackers more accurately and more reliably attribute multiple attacks to common threat actors.

Barncat is available for use by CERTs, research organizations, government entities, ISPs and other large commercial enterprises. Access is free, but users must request access and meet specific criteria. Learn more: https://www.fidelissecurity.com/resources/fidelis-barncat.

In addition to the Barncat database, Fidelis also announced the availability of two freeware tools:

  • Fidelis ThreatScanner™: This free command line tool searches for malware artifacts hiding on a suspected endpoint using IOCs or YARA rules and automatically generates a report with details of suspicious artifacts. Users can customize the tool with their own threat intelligence and combine multiple indicators into a single rule.
  • Fidelis CCNumberFinder: This free command line Microsoft Windows tool supports PCI DSS compliance by searching for credit card numbers on a file system. The tool, used by Fidelis’ QSAs and PFIs, opens every file within a moving window and examines each byte position within that file for a credit card number in UTF-8 and UTF-16LE encodings. The tool opens compressed files recursively and outputs data in CSV format.

ThreatScanner™ will be featured in the Black Hat Arsenal on August 3 at the Black Hat USA 2016 conference. Additionally, Fidelis will be hosting a meetup in its booth (#1116) entitled “Intel vs. Indicators” on August 4 at 12:30 pm. The meetup, moderated by John Bambenek and Hardik Modi from the Fidelis Cybersecurity Threat Research Team, will focus on how organizations can use intelligence and indicators, including tools such as Barncat™, in their struggle to stay secure.

Resources

Fidelis at Black Hat 2016

For a complete list of all of Fidelis activities at Black Hat 2016 visit our event overview page.

For updates and breaking news, follow Fidelis Cybersecurity on Twitter @FidelisCyber and on Linked In.

About Fidelis Cybersecurity

Fidelis Cybersecurity is creating a world where attackers have no place left to hide. We reduce the time it takes to detect attacks and resolve security incidents. Our Fidelis Network™ and Fidelis Endpoint™ products look deep inside your traffic and content where attackers hide their exploits. Then, we pursue them out to your endpoints where your critical data lives. With Fidelis you’ll know when you’re being attacked, you can retrace attackers’ footprints and prevent data theft at every stage of the attack lifecycle. To learn more about Fidelis Cybersecurity products and incident response services, visit www.fidelissecurity.com and follow us on Twitter @FidelisCyber.

Contacts

Fidelis Cybersecurity
Rachel Hunt, 240-380-2775
rachel.hunt@fidelissecurity.com
or
Merritt Group
703-390-1512
Fidelis@merrittgrp.com

Recent Stories

RSS feed for Fidelis Cybersecurity

Website

Release Summary

Fidelis Cybersecurity launches the Barncat Threat Intelligence Database and freeware tools designed to help the security community stop attacks and prevent data theft.

Fidelis Cybersecurity