Cybereason’s Nocturnus Research Team Identifies New Glupteba Trojan Variants

The pervasive Glupteba trojan has been discovered by Cybereason’s researchers proliferating throughout parts of Asia. New research from the …

BOSTON (PRWEB)September 12, 2019

Cybereason, creators of the leading Cyber Defense Platform, today announced that its Nocturnus researchers spent many months identifying numerous new variants of the popular Glupteba trojan. Glupteba uses advanced techniques, including living-off-the-land, to gain access and persistence. The malware authors have rewritten Glupteba in Go, a relatively new language for malware authors, to increase its reach.

The team’s research found Glupteba making use of an extensive arsenal, including a cryptocurrency miner. Glupteba is prevalent in nearly 200 countries. This particular campaign is targeting businesses across Asia.

“Glupteba has been around for many years, but is still being actively developed and improved. Based on the variety of tools and techniques Cybereason observed, it is clear that threat actors have put in substantial efforts improving the malware. It implements a cryptocurrency miner and uses advanced techniques and lives-off-the-land. At the same time, the malware was not able to evade detection and made use of techniques that contradicted each other. For example, the malware used a driver to hide files and processes, but also left payloads visible or did not delete them at all. The large number of executed tools made this attack less stealthy than it perhaps could have been,” said Vlad Ogranovich, Director of Professional Services, Cybereason

Key Takeaways:

  • The Cybereason Nocturnus team identified multiple variants of Glupteba that made use of an extensive arsenal, including cryptocurrency miners and modules that target MikroTik routers.
  • This research is a deep technical dive into each step of the attack sequence, with specifics on how the malware drops the payload, escalates privileges, establishes persistence, installs, communicates with the C2 server, and propagates across the network through a router vulnerability. In addition, researchers outline how Glupteba used multiple evasive methods to avoid detection, including bundling with legitimate adware to infect the target machine and downloading the main payload with the living-off-the-land technique.
  • As with previous variants, Glupteba uses a rootkit to conceal its behavior and arsenal of tools.
  • This attack leverages the EternalBlue exploit to propagate across machines on the network.

Glupteba Remediation Recommendations:

  • Remove administrative rights from end users to prevent them from installing unauthorized applications and toolbars.
  • Implement and reinforce strong security awareness training across departments.

About Cybereason

Cybereason, creators of the leading Cyber Defense Platform, gives the advantage back to the defender through a completely new approach to cybersecurity. Cybereason offers endpoint prevention, detection and response and active monitoring. The solution delivers multi-layered endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and fileless attacks. Cybereason is privately held and is headquartered in Boston, with offices in London, Sydney, Tel Aviv, Tokyo, Asia-Pacific and continental Europe.

Learn more:

Follow us: Blog | Twitter | Facebook

Media Contact:

Bill Keeler

Senior Director, Global Public Relations


(929) 259-3261

Related Posts:

  • No Related Posts

Boston’s August Includes Its Biggest Cybersecurity Round Yet (And Chickpeas)

About seven-and-a-half years ago, Cybereason, a security startup that wants to defend against cyberattacks and threats, was born in Tel Aviv, Israel.

About seven-and-a-half years ago, Cybereason, a security startup that wants to defend against cyberattacks and threats, was born in Tel Aviv, Israel. Then, searching for better access to customers and investors, the company eyed a move to the United States.

Subscribe to theCrunchbase Daily

Cybereason considered the normal hubs: New York, San Francisco, and Washington D.C. But ultimately, as co-founder Yonatan Striem-Amit detailed to Crunchbase News, the startup chose Boston as its new hub.

I wondered what makes a company like Cybereason choose Boston. After all, wasn’t there that whole Cambridge saga?1

“Looking at the talent, market, access to other companies and customers, makes Boston the best choice possible,” to relocate a company, Streim-Amit told me via in a phone interview.

As for that initial hope that a move across the world would lead to better access to investors? It worked. To date, the now Boston-based company has raised over $388.6 million in venture capital.

In fact, this past month, Cybereason raised a $200 million Series E led by SoftBank Group and its affiliates, the largest round for the company in its history, and the largest cybersecurity round landed in Greater Boston of all time, according to the company and Crunchbase data.

Plus, Cybereason’s round made up about 40 percent of venture capital dollars raised by Greater Boston companies2 in August ($487 million). More on the other 60 percent later, but first, this record-breaking round inspired me to dive a bit deeper into what cybersecurity looks like in Boston for this month’s column on the Greater Boston startup scene.

A Recap On Cybereason

SoftBank, which is known for its rapid bets into other companies in the form of large (and often nine-figure) venture capital checks, led Cybereason’s big round.

“Luckily for us, we found a great investor and a great partner in SoftBank, who have the same desire to build something very substantial [and[ not just go for quick returns,” he said. As we discussed in a separate post, the new Series E will be used to further fuel the cybersecurity company’s international presence.

Below is a chart of Cybereason’s total funding over time.

The company mentioned how cybersecurity, in general, has grown tremendously in Massachusetts. Think Akamai Technologies, or Rapid7. Or Raytheon. Or RSA Security.

Traditional cybersecurity companies fit “innovation within the boundaries” of separating good actors from bad actors, he said. But the next generation has realized that “hackers are more sophisticated.” This new wave has created an inflection point in the focuses that cybersecurity companies have.

Check out ourprevious Boston columns

“You have to have a much higher sophistication and look at the activity and determine by behavior and not just by what something looks like,” he said. Older companies, he feels, tackle problems after they come up. As we’ll unpack below, Cybereason isn’t the only new company looking to anticipate and predict hacks before they even happen.

Beyond Just One

BitSight, another cybersecurity company, in Greater Boston, has raised $151 million in known venture capital funding to date, according to its Crunchbase profile.

Jake Olcott, a VP at the security ratings firm, said BitSight has a ton of friendships within the cybersecurity space. The company is jumping in with other Boston-based companies working on application security, endpoint protection, and vulnerability scanning for partnerships, marketing insight, and smart hires.

From the exit angle, Boston cybersecurity also felt some momentum in August. Palo Alto-based VMware acquired Waltham-based Carbon Black, a security company, for $2.1 billion this past month. Carbon Black works on endpoint security, and went public last year. So while it’s beyond our private company niche, this deal is notable and tells us that Palo Alto has eyes on Boston’s security scene.

But Boston’s startup activity this month went far beyond the cybersecurity sector, so let’s wrap up with a quick roundup.

Chickpeas And Notaries

Going back to August totals, 14 startups across Greater Boston raised $487 million in venture capital funding, up almost three times the dollar amount from last month. I looked deeper to see why the uptick occurred.

First up, food. Motif FoodWorks, which we’ve written about before, added $27.5 million in additional funding to its Series A round. The company now has $117.5 million in known venture funding for its fermentation technology that develops proteins and nutrients for plant-based foods. Also in the food category, Boston-based Biena Snacks raised a $8 million Series B to give all of us crunchy, tasty chickpeas on the go.

Beyond fermentation and chickpeas, startups looking to help renovate old processes also found venture interest in August. Notarize raised $37 million in an extension of its Series B. The company launched a competitor to DocuSign in early June as it works to help its users verify legal documents online.

Ending With An Eavesdrop

Finally, I chatted with Ori Solomon this morning, a Boston-based VC and startup attorney from Morrison Foerster. He mentioned that in terms of small talk on the streets, Silicon Valley and Boston are an inverse of each other.

In San Francisco, a casual stroll can allow you to eavesdrop on tech folks talking about Facebook, Google, Salesforce, or Workday, he said. In Boston, you’re more likely to overhear conversations on something biotech related. And if not that, life sciences.

To me that says that we all need to do a better job of reading into zones outside of our everyday. Boston is no exception. Next month, I want to unpack university and VC startup collaborations rising just in time for back to school. Email or tweet me your tips.

Illustration: Li-Anne Dias

  1. A joke, a joke.

  2. This includes Boston and Cambridge.

Related Posts:

  • No Related Posts

Hhr Asset Management Has Upped Ptc (PTC) Holding by $978880; Jfs Wealth Advisors Upped Its …, Inc. (NASDAQ:AMZN) has risen 4.92% since September 11, 2018 and is uptrending. It has outperformed by 4.92% the S&P500.


Jfs Wealth Advisors Llc increased its stake in Amazon Com Inc (AMZN) by 70.59% based on its latest 2019Q1 regulatory filing with the SEC. Jfs Wealth Advisors Llc bought 276 shares as the company’s stock declined 2.34% . The institutional investor held 667 shares of the consumer services company at the end of 2019Q1, valued at $1.19M, up from 391 at the end of the previous reported quarter. Jfs Wealth Advisors Llc who had been investing in Amazon Com Inc for a number of months, seems to be bullish on the $872.44 billion market cap company. The stock decreased 0.59% or $10.8 during the last trading session, reaching $1820.55. About 2.61M shares traded., Inc. (NASDAQ:AMZN) has risen 4.92% since September 11, 2018 and is uptrending. It has outperformed by 4.92% the S&P500. Some Historical AMZN News: 24/04/2018 – BERLIN – AMAZON CEO SAYS NOT INTERESTED IN BUYING OTHER NEWSPAPERS, ALTHOUGH GETS REQUESTS MONTHLY; 17/05/2018 – Talking Markets: Amazon is Driving Ocado’s Deal Flurry; 07/03/2018 – Jeff Bezos unseats Bill Gates on Forbes 2018 richest billionaires list; 09/04/2018 – Boxed, the Costco for millennials, is launching a free-shipping membership program – and it has one big advantage over Amazon Prime; 05/04/2018 – Neosante’s Delictase® Oral Drops, an exogenous lactase formula designed to treat baby colic, are coming soon to; 10/04/2018 – GOP Senator moves to close cheap shipping loophole that helps Chinese businesses on Amazon; 03/04/2018 – Financial Times: FT Exclusive: Amazon has assembled the biggest lobbying team of any technology company in Washington…; 24/04/2018 – Amazon CEO says right for big companies to be scrutinized; 16/04/2018 – Here’s a look at Amazon’s extraordinary empire; 17/04/2018 – CASINO CFO SAYS THERE ARE NO DISCUSSIONS WITH AMAZON REGARDING VIA VAREJO IN BRAZIL

Hhr Asset Management Llc increased its stake in Ptc Inc (PTC) by 3.66% based on its latest 2019Q1 regulatory filing with the SEC. Hhr Asset Management Llc bought 10,640 shares as the company’s stock declined 22.92% . The hedge fund held 301,265 shares of the prepackaged software company at the end of 2019Q1, valued at $27.77 million, up from 290,625 at the end of the previous reported quarter. Hhr Asset Management Llc who had been investing in Ptc Inc for a number of months, seems to be bullish on the $7.72 billion market cap company. The stock decreased 1.67% or $1.14 during the last trading session, reaching $67.01. About 964,744 shares traded. PTC Inc. (NASDAQ:PTC) has declined 25.82% since September 11, 2018 and is downtrending. It has underperformed by 25.82% the S&P500. Some Historical PTC News: 18/04/2018 – PTC INC. 2Q ADJ EPS 34C, EST. 31C; 15/05/2018 – NORFOLK CEO SEES POST-PTC CAPEX AT 16%-18% OF SALES; 24/05/2018 – Ectobox Announces IoT Partnership with PTC; 18/04/2018 – PTC Sees 3Q Adj EPS 30c-Adj EPS 34c; 24/05/2018 – PTC Named a Visionary in Gartner Magic Quadrant for Industrial IoT Platforms; 08/03/2018 – Staples Solutions Goes Live with PTC’s Retail Product Lifecycle Management (PLM) Solution; 06/03/2018 UNION PACIFIC SAYS PTC IMPLEMENTATION IS HURTING TRAIN SPEED; 17/05/2018 – BSE Mumbai Bourse: Results from PTC India for Jan 01 to Mar 31; 16/05/2018 – PTC INDIA 4Q NET INCOME 643.7M RUPEES; 27/03/2018 – PTC Adds Connected Forecasting to Servigistics Service Parts Management Solution

More notable recent PTC Inc. (NASDAQ:PTC) news were published by: which released: “PTC -11% after beat-and-lower, downgrades – Seeking Alpha” on April 25, 2019, also with their article: “PTC Inc.: Avoid – Seeking Alpha” published on July 30, 2019, published: “Why PTC Stock Plunged Today – Nasdaq” on July 25, 2019. More interesting news about PTC Inc. (NASDAQ:PTC) were released by: and their article: “Here’s What Hedge Funds Think About PTC Inc (PTC) – Yahoo Finance” published on June 19, 2019 as well as‘s news article titled: “The 10 Biggest IoT Stocks – The Motley Fool” with publication date: September 02, 2019.

Investors sentiment increased to 1.13 in 2019 Q1. Its up 0.12, from 1.01 in 2018Q4. It increased, as 29 investors sold PTC shares while 112 reduced holdings. 58 funds opened positions while 101 raised stakes. 67.38 million shares or 3.96% less from 70.15 million shares in 2018Q4 were reported. Caisse De Depot Et Placement Du Quebec stated it has 3,000 shares. Canada Pension Plan Inv Board holds 0.03% in PTC Inc. (NASDAQ:PTC) or 160,160 shares. Lpl Fin Lc stated it has 0% of its portfolio in PTC Inc. (NASDAQ:PTC). Natixis Advisors LP invested in 18,155 shares or 0.01% of the stock. Victory Capital Mgmt owns 682,202 shares. Panagora Asset Mgmt invested in 8,006 shares. Ls Ltd Liability Corporation stated it has 0.05% of its portfolio in PTC Inc. (NASDAQ:PTC). Hrt Ltd, a New York-based fund reported 3,018 shares. Stifel Financial reported 5,961 shares. Thb Asset Management, a Connecticut-based fund reported 694,526 shares. State Of Alaska Department Of Revenue reported 0.02% stake. Franklin Resource holds 766,420 shares or 0.04% of its portfolio. Oppenheimer Asset Mngmt owns 2,605 shares for 0.01% of their portfolio. Merian (Uk) Limited invested in 63,973 shares or 0.05% of the stock. Hardman Johnston Global Lc accumulated 0.81% or 199,790 shares.

Hhr Asset Management Llc, which manages about $2.77 billion and $1.46B US Long portfolio, decreased its stake in Netflix Inc (NASDAQ:NFLX) by 36,454 shares to 165,828 shares, valued at $59.13 million in 2019Q1, according to the filing. It also reduced its holding in Polarityte Inc by 139,093 shares in the quarter, leaving it with 535,967 shares, and cut its stake in 2U Inc (NASDAQ:TWOU).

More notable recent, Inc. (NASDAQ:AMZN) news were published by: which released: “The Scariest Risks Facing Amazon Stock – Nasdaq” on August 22, 2019, also with their article: “Better Buy: Shopify vs. Amazon – Nasdaq” published on August 22, 2019, published: “Why Amazon Prime Video Will Keep AMZN Stock on an Upward Path – Nasdaq” on September 03, 2019. More interesting news about, Inc. (NASDAQ:AMZN) were released by: and their article: “E-Commerce Gathers Steam in India: AMZN, WMT, BABA in Focus – Nasdaq” published on August 22, 2019 as well as‘s news article titled: “CrowdStrike Wows Analysts With Execution: ‘Difficult Not To Be Impressed’ – Benzinga” with publication date: September 06, 2019.

Jfs Wealth Advisors Llc, which manages about $1.43B and $383.52 million US Long portfolio, decreased its stake in Invesco Exchng Traded Fd T by 12,609 shares to 35,510 shares, valued at $1.06 million in 2019Q1, according to the filing. It also reduced its holding in Spdr Index Shs Fds (GMM) by 10,098 shares in the quarter, leaving it with 5,430 shares, and cut its stake in First Tr Exchange Traded F (EMLP).

PTC Inc. (NASDAQ:PTC) Institutional Positions Chart

Receive News & Ratings Via Email – Enter your email address below to receive a concise daily summary of the latest news and analysts’ ratings with our FREE daily email newsletter.

Related Posts:

  • No Related Posts

KKR Makes Major Investment in Leading Labor Market Analytics Provider Burning Glass

analytics draw on a Burning Glass database of more than a billion current and historical job openings and the company’s pioneering use of big data …


KKR Global Impact Extends its Focus on Addressing Global Societal Challenges

KKR, a leading global investment firm, and Burning Glass Technologies, the world’s leading real-time labor market data source, today announced that KKR has completed the acquisition of a majority stake in Burning Glass from Providence Strategic Growth. Financial details of the transaction were not disclosed.

The investment is part of KKR’s Global Impact strategy, which is focused on identifying and investing behind companies whose core business models provide commercial solutions that contribute measurable progress toward one or more of the United Nations Sustainable Development Goals (SDGs). By providing the data to drive lifelong learning and market-aligned training, Burning Glass is delivering measurable progress in achieving two of the United Nations SDGs – Quality Education, and Decent Work and Economic Growth.

“By harnessing real-time labor market data, Burning Glass predicts the jobs and skills workers will need in the future, equipping educators, companies and governments with the tools necessary to meet this challenge and contribute meaningful progress toward these goals. We are proud to be investing in Burning Glass to meet this imperative,” said Robert Antablin, Co-Head of KKR Global Impact.

Burning Glass data are relied on by hundreds of clients worldwide, ranging from major employers, universities, and public agencies to multinational organizations like the OECD and the World Economic Forum. The firm has the world’s largest and most sophisticated labor market analytics engine, which it leverages to support workforce development and higher education. Burning Glass’ robust data engine tracks and analyzes job market supply and demand in real-time using proprietary analytics and taxonomies. The world-leading analytics draw on a Burning Glass database of more than a billion current and historical job openings and the company’s pioneering use of big data analytics to understand the changing nature of skills in the job market. Through a range of software applications, the company empowers learning institutions, enterprises, and government agencies in career-aligned program development, strategic workforce management, and in addressing the rapidly growing skills gap.

“Technology is disrupting workers and industries around the world. Predicting tomorrow’s jobs, and the skills needed for those jobs, will empower workers to navigate this disruption, companies to upskill their workforce, and policymakers to promote economic growth,” said Ken Mehlman, Co-Head of KKR Global Impact.

The company will continue to be led by its current executive team, including CEO Matt Sigelman and COO Josh Ticktin.

“The ability for universities to reinvent themselves to address new opportunities amidst existential challenges, the ability for companies to anticipate disruptive technology trends and plan for changing talent needs, the ability for workers and learners to unlock opportunity and mobility, all depend on being empowered with the right information. Burning Glass’s solutions deliver the insight that helps all constituencies to the job market understand the landscape of opportunity more clearly, plan more effectively, and connect more successfully,” said CEO Matt Sigelman. “We are excited for the opportunity to partner with KKR because, for all that we have accomplished, we have only just begun to scratch the surface of our potential to drive the transformative change needed for greater prosperity and efficiency.”

“Since our initial investment in 2015, Burning Glass has solidified its position as the world’s leading job market data source by using data to address challenges in the labor market and shape the future of work,” said Matt Stone, Principal at Providence Strategic Growth (PSG), the growth equity affiliate of Providence Equity Partners. “PSG would like to thank the Burning Glass team, in particular, Matt Sigelman and Josh Ticktin, for the opportunity and partnership over the last four years. We are excited for the company’s continued innovation and growth under KKR’s ownership.”

Burning Glass is the fourth investment out of KKR’s Global Impact strategy, following investments in Barghest Building Performance, Ramky Enviro Engineers Limited, and KnowBe4. Over the last decade, KKR has been a leader in driving and protecting value throughout the firm’s private markets portfolio through thoughtful Environmental, Social and Governance (“ESG”) management, as well as measuring and reporting on performance to the public and investors. The firm also has a history of investing in businesses that promote sustainable solutions to societal challenges. This experience of responsible investment combined with a changing landscape of global challenges led to KKR’s decision to create a dedicated Global Impact business in 2018. KKR’s investment in Burning Glass will build on this experience.

About KKR

KKR is a leading global investment firm that manages multiple alternative asset classes, including private equity, energy, infrastructure, real estate and credit, with strategic partners that manage hedge funds. KKR aims to generate attractive investment returns for its fund investors by following a patient and disciplined investment approach, employing world-class people, and driving growth and value creation with KKR portfolio companies. KKR invests its own capital alongside the capital it manages for fund investors and provides financing solutions and investment opportunities through its capital markets business. References to KKR’s investments may include the activities of its sponsored funds. For additional information about KKR & Co. Inc. (KKR), please visit KKR’s website at and on Twitter @KKR_Co.

About Burning Glass Technologies

Burning Glass Technologies is an analytics software company that has cracked the genetic code of an ever-changing labor market. Powered by the world’s largest and most sophisticated database of labor market data and talent, the Company delivers real-time data and breakthrough planning tools that inform careers, define academic programs, and shape workforces.

Burning Glass’ applications drive practical solutions and are used by employers, workers, and educators to make data-driven decisions. Educational institutions, online learning providers and publishers use Burning Glass’ applications to align programs to career opportunity; market programs based on their career ROI; and inform student academic and career decisions. Employers, HR software providers, job boards and recruiters use Burning Glass to analyze their current talent pool and project future needs. This insight allows users to develop strategic workforce plans; build market-informed job and skill definitions; and gain rich competitive intelligence.

Based in Boston and with 320 employees worldwide, Burning Glass is playing a growing role in informing the global conversation on education and the workforce, and in creating a labor market that works for everyone.

Find out more at

About Providence Strategic Growth Capital Partners L.L.C.

Providence Strategic Growth (“PSG”) is an affiliate of Providence Equity Partners (“Providence”). Established in 2014, PSG focuses on growth equity investments in lower middle market software and technology-enabled service companies. Providence is a premier global asset management firm that pioneered a sector-focused approach to private equity investing with the vision that a dedicated team of industry experts could build exceptional companies of enduring value. Since the firm’s inception in 1989, Providence has invested in more than 180 companies and is a leading equity investment firm focused on the media, communications, education and information industries. PSG is headquartered in Boston, MA, while Providence has offices in Providence, New York and London. For more information on PSG, please visit, and for more information on Providence, please visit

View source version on

Related Posts:

  • No Related Posts

Galp Selects Localytics to Power Data-Driven Digital Customer Experience

We are headquartered in Boston, MA with offices in Berlin, San Francisco and London. Investors include Sapphire Ventures, Foundation Capital and …

Partnership will enable Galp to accelerate program to personalize the EvoDriver platform

BOSTON, Sept. 10, 2019 /PRNewswire/ —Localytics, a digital intelligence platform for mobile and web engagement, today announced that Galp, a publicly held, Portugal-based energy company, has selected Localytics to accelerate its digital customer engagement strategy. Localytics will enable Galp to develop unique, meaningful digital customer experiences through its EvoDriver mobile platform, allowing gas station and convenience store customers to pay through mobile wallet, as well as participate in a new digitalization of Galp’s loyalty rewards programs.

“It’s all about convenience,” said João Filipe Torneiro, Head of Marketing & Business Development at Galp, and former CEO of Galp Madeira. “Our customers are on-the-go and need to quickly find our nearest location, easily pay using their preferred payment method, and then go about their journey. Our loyalty programs reach over 3 million retail and business customers. It’s a huge part of what makes Galp different, and we’re investing in digitizing that loyalty experience.”

Galp’s business includes a wide spectrum of the energy-related activities, from the exploration and extraction of oil and gas to the development of efficient and environmentally sustainable energy solutions for customers. This includes more than 2,300 retail gas stations and convenience stores across Portugal and Spain. With Localytics, Galp will collect quantitative and qualitative feedback from customers to better understand how they are engaging with the EvoDriver mobile experience — from navigation, to payment, to loyalty. Localytics will also enable Galp to quickly launch new digital customer experiences — including mobile coupons for non-fuel products, and other personalized offers based on customer preferences and location.

“Galp has ambitious plans to transform their retail business,” said Jude McColgan, CEO of Localytics. “With consumer-facing innovations in electric and autonomous vehicles coming to market, and a maturing, on-demand economy for everything from rideshares to gas to delivery, the nexus of the mobility industry is shifting from automotive products to transportation services. Digital-first organizations will own the future customer relationship, and Galp is investing for that future.”

About Localytics

Localytics is a digital intelligence platform for mobile and web engagement. Localytics gives brands the data, intelligence and marketing channels to deliver a meaningful, personal customer experience. We help brands discover and deliver exactly what their customers are passionate about, and integrate those insights and experiences across mobile and other channels to deliver a digital customer experience that resonates. Our platform is used in more than 37,000 apps on more than 2.7 billion devices by companies such as ESPN, Fox and The New York Times. We are headquartered in Boston, MA with offices in Berlin, San Francisco and London. Investors include Sapphire Ventures, Foundation Capital and Polaris Partners. Learn more at


View original content:

Related Posts:

  • No Related Posts