We provide the customer with the ability to hunt through historical artifact queries and file analysis using our internal RetroHunt component (retrospective static file analysis).

In addition to the Deep File Inspections signatures provided by InQuest Labs, the platform provides the ability to create, test, and tune custom signatures to address threats to your organization. RetroHunt is a perfect solution for scanning previous network events with emerging 0-day signatures.

Our partnership with Exodus Intelligence incorporates their knowledge of vulnerability discovery, exploitation techniques, and vulnerability intelligence into our customers' ability to detect threats targeting their organization.

Latest InQuest Blog Posts
Ex Machina: Man + Machine
Stephen Esling / 2018-11-14

Since its introduction by WheelGroup in 1995, signature-based detection has been a staple of antivirus software. Now, over twenty years later, it seems that it’s reached the limits of its usefulness. In 2016, the Webroot Threat Report published that, thanks to a large spike in the usage of polymorphic, or self-altering, code, 94% of malware that year was found to be unique, having only been encountered once.

Examining Malware Web Browser Injections
Adam Swanda / 2018-11-13

Banking malware and information stealing malware are some of the most popular threats in today's landscape. Many stealers will collect information and credentials from locally installed applications such as web browsers, email and instant messaging clients, and other common software. Banking trojans, on the other hand, go the extra mile to pilfer data and use what is called Web browser injections, more commonly called "web injects".

InQuest Labs Research Spotlight
ThreatKB
Knowledge base workflow management for Yara rules and C2 artifacts
Awesome Malware Analysis
A curated list of awesome malware analysis tools and resources.
pe-static
Stand-alone Python script for static file analysis for PE files
Global Security Events
What scams shoppers should look out for on Black Friday and Cyber Monday
@talossecurity

Every year, more and more Americans are taking care of their holiday shopping on Cyber Monday. Last year, consumers spent a record $6.59 billion during the annual online shopping day, an all-time record, according to Adobe Insights. Still, that doesn’t mean no one is rushing out the night of Thanksgiving to do their shopping.

Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
@PaloAltoNtwks

In late October and early November 2018, Unit 42 intercepted a series of weaponized documents that use a technique to load remote templates containing a malicious macro. These types of weaponized documents are not uncommon but are more difficult to identify as malicious by automated analysis systems due to their modular nature.

tRat: New modular RAT appears in multiple email campaigns
@proofpoint

TA505 is one of the most prolific actors Proofpoint tracks. The group was responsible for hundreds of Dridex campaigns beginning in 2014 and massive Locky campaigns in 2016 and 2017, many of which involved hundreds of millions of malicious messages distributed worldwide.

Useful Links
InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here: http://eepurl.com/dHNeKL
Copyright © InQuest 2018