Applied Threat
Research Team

ATR

Securing our Customers with Leading-Edge Threat Research

The Gigamon Applied Threat Research (ATR) team’s mission is to dismantle the ability of an adversary to impact our customers. Our team of expert security researchers, engineers and analysts focuses on continuous research of threat actors, emerging attack techniques, and builds leading-edge detection and investigation capabilities leveraging the vast Gigamon Insight network of telemetry and intelligence datasets.

research prototype detect
PRESENTATIONS & WEBINARS

Network Forensic Analysis in an Encrypted World

Learn about the research and methodologies for performing network forensic analysis of encrypted communications streams from ICEBRG Co-founder, William Peteroy and Principal Security Engineer, Justin Warner.

NEWS AND REPORTS
research

ARS Technica

Stymied by browsers, attackers embed Flash 0-day inside MS Office document

As browsers make it increasingly hard to exploit vulnerabilities in Adobe Flash, hackers move to using Microsoft Office to remotely load Flash content that used a zero-day flaw to take control of computers.

research

Dark Reading

Four malicious Google Chrome extensions affect 500K users

Threat actors know employees usually trust, and have control over, downloading extensions. Using this, they can execute code via seemingly legitimate applications to gain a foothold.

research

ZDNet

Carbanak hackers pivot plan of attack to target banks, the enterprise

FIN7, a group behind the theft of billions worldwide have changed their plan of attack in targeting businesses. Their change of payload may cause detection issues for legacy signatures and detections.

BLOG & EVENTS

Applied Threat Research Blog

1H 2018 CRIMEWARE TRENDS: A SAMPLING OF MALICIOUS E-MAIL ATTACHMENTS

The team drills into a sample of email attachment threats used in attacks against Gigamon Insight customers during the first half of 2018, and the detection rates of these samples.

ADOBE FLASH ZERO-DAY LEVERAGED FOR TARGETED ATTACK IN MIDDLE EAST

The Gigamon ATR team (formerly ICEBRG’s Security Research Team) has identified active exploitation of a zero-day vulnerability in Adobe Flash that appears to target persons and organizations in the Middle East.

MORE EXTENSIONS, MORE MONEY, MORE PROBLEMS

In January, ICEBRG (acquired by Gigamon) disclosed the presence of malicious Google Chrome extensions that were impacting over a half-million endpoints worldwide, enabling a massive click-fraud campaign and exposing significant risk to enterprises.

MALICIOUS CHROME EXTENSIONS ENABLE CRIMINALS TO IMPACT OVER HALF A MILLION USERS AND GLOBAL BUSINESSES

Most leading web browsers, including Google Chrome, offer users the ability to install extensions. While these web-based applications can enhance the user's overall experience, they also pose a threat to workstation security with the ability to inject and execute arbitrary code.

MEET THE TEAM

Connect with Other Security Experts

Join the conversation in the Gigamon Community Security group.

Gigamon Community