news
ThreatQuotient expands professional services offering
hreatQuotient, a leading
T
security operations platform
innovator, has announced
enhancements to its professional
services offering, including new
assessment and consulting
services. First launched in 2017,
ThreatQuotient’s global professional
services team has continuously
evolved to meet and exceed the
changing needs of organisations at
all levels of security operations and
threat intelligence maturity. By providing
the core capabilities to assess, design
and build a threat-centric security
operations function, ThreatQuotient is
enabling organisations to transition from
traditional signature-based monitoring,
detection and response to an external,
threat-focused programme.
“At ThreatQuotient, we know building a
security operations programme is hard
and building one that is threat-centric
is even more difficult. Our team is
here to help at every stage – from
assessing whether a company will
get value out of a threat intelligence
programme, all the way to helping
the most mature and sophisticated
teams diversify their use cases,”
said Jonathan Couch, SVP Strategy,
ThreatQuotient. “With over 50
years of combined commercial and
government threat intelligence and
operational cybersecurity experience
on the services leadership team, we
are uniquely qualified and positioned
to tailor solutions that meet the
distinct needs and demands of an
organisation’s security operations.”
In addition to the current services
of implementation, training and
development, ThreatQuotient now
offers consulting services that range
from an initial assessment of current
threat intelligence capabilities to
more in-depth and long-term
process development.
XHELPER – THE TROJAN THAT’S NEARLY
IMPOSSIBLE TO REMOVE
ast year, a particularly indelible
L
malware was discovered
attacking Android-based
devices: the now infamous xHelper
Trojan, which is nearly impossible to
remove from a device. As of March
2020, the xHelper has infected over
55,000 phones around the world and the
attacks continue.
After xHelper is installed, it runs a series
of downloads of other malicious files,
including one known as Triada, which
provides root access on the device.
This is what makes xHelper particularly
difficult to remove; the malware module
installed in the system folder simply
reinstalls the deleted applications.
In addition, all the files copied to the
phone’s folders by the malware are
designated “immutable”, meaning not
even superusers can delete them.
Igor Golovin, Malware Analyst at
Kaspersky, said: “xHelper is particularly
dangerous because it creates a backdoor
that the attackers can use to execute
commands as if they’re a superuser, as
well as gain access to all app data. A
similar backdoor can then be used by
other malware, like CookieThief, to attack
the same device. Since xHelper is nearly
impossible to remove, it’s important that
Android users stay vigilant about what
they’re downloading on their phone and
always use a strong mobile security
software. The good news – if you are
downloading apps from official stores,
chances of encountering this malware are
very, very low.”
www.intelligentciso.com | Issue 25
9