Updated: Barncat is shut down as of February 2021. Please refer all questions to firstname.lastname@example.org.
Barncat™ Threat Intelligence Database provides access to 100,000+ intelligence records of remote access tool configuration settings; freeware tools hunt for threats on endpoints and locate credit card PCI data
Fidelis Cybersecurity, the leading provider of products and services for detecting and stopping advanced cyberattacks, today announced the availability of a new threat intelligence database and freeware tools designed to help the security community stop attacks and prevent data theft. The new resources, available at no cost, include the Barncat™ Threat Intelligence Database, the ThreatScanner™ tool for finding malware residing on an endpoint, and CCNumberFinder™ to support PCI DSS compliance.
“After years of ongoing research and thousands of hours of incident response engagements, we’re eager to give back to the security community by sharing some of the threat intelligence we’ve curated and free tools we’ve developed. By making these tools and intelligence available to researchers and security analysts, we hope organizations will be able to find and stop attackers faster and more efficiently.”
Fidelis Cybersecurity Vice President of Threat Research Hardik Modi
The Fidelis Barncat™ Intelligence Database includes more than 100,000 records with configuration settings extracted from malware samples gathered during Fidelis’ incident response investigations and other intelligence gathering operations over the past decade. The typical remote access tool (RAT) malware sample includes a large number of configuration elements, including those controlling the behavior of the malware on the host and others related to command-and-control traffic. Barncat is updated with hundreds of new configuration records each day. By providing analysts with this extensive collection of extracted malware configuration settings, Barncat enables security practitioners to identify attackers more accurately and more reliably attribute multiple attacks to common threat actors.
Barncat is available for use by CERTs, research organizations, government entities, ISPs and other large commercial enterprises. Access is free, but users must request access and meet specific criteria. Learn more: https://fidelissecurity.com/resources/fidelis-barncat.
In addition to the Barncat database, Fidelis also announced the availability of two freeware tools:
- Fidelis ThreatScanner™: This free command line tool searches for malware artifacts hiding on a suspected endpoint using IOCs or YARA rules and automatically generates a report with details of suspicious artifacts. Users can customize the tool with their own threat intelligence and combine multiple indicators into a single rule.
- Fidelis CCNumberFinder™: This free command line Microsoft Windows tool supports PCI DSS compliance by searching for credit card numbers on a file system. The tool, used by Fidelis’ QSAs and PFIs, opens every file within a moving window and examines each byte position within that file for a credit card number in UTF-8 and UTF-16LE encodings. The tool opens compressed files recursively and outputs data in CSV format.
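The byte-position scan described for CCNumberFinder can be sketched as follows. This is an added example, not Fidelis code: the function names, the 13 to 19 digit length range, the Luhn checksum filter and the masked output are assumptions, and compressed-file handling and CSV output are left out.

```python
import io

MIN_LEN, MAX_LEN = 13, 19          # assumed card-number length range
LOOKAHEAD = 2 * (MAX_LEN + 1)      # bytes a UTF-16LE candidate may span
ENCODINGS = (("utf-8", 1), ("utf-16le", 2))  # bytes per digit in each encoding

def luhn_ok(digits):
    """Luhn checksum, assumed here as the false-positive filter."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def is_digit(buf, pos, step):
    """True if an ASCII digit in the given encoding starts at pos."""
    in_range = 0 <= pos <= len(buf) - step
    return in_range and 0x30 <= buf[pos] <= 0x39 and (step == 1 or buf[pos + 1] == 0)

def digit_run(buf, pos, step):
    """Collect up to MAX_LEN + 1 consecutive digits starting at pos."""
    out = ""
    while len(out) <= MAX_LEN and is_digit(buf, pos, step):
        out += chr(buf[pos])
        pos += step
    return out

def scan_stream(stream, window=4096):
    """Return (offset, encoding, masked number) for each hit in the stream."""
    hits, buf, base, start = [], b"", 0, 0
    while True:
        chunk = stream.read(window)
        buf += chunk
        # Positions near the end wait for the next window unless this is EOF.
        limit = len(buf) if not chunk else max(len(buf) - LOOKAHEAD, start)
        for pos in range(start, limit):
            for enc, step in ENCODINGS:
                if is_digit(buf, pos - step, step):
                    continue  # middle of a run already examined from its start
                run = digit_run(buf, pos, step)
                if MIN_LEN <= len(run) <= MAX_LEN and luhn_ok(run):
                    hits.append((base + pos, enc, run[:6] + "*" * (len(run) - 10) + run[-4:]))
        if not chunk:
            return hits
        keep = max(limit - 2, 0)  # retain two bytes of look-behind
        buf, base, start = buf[keep:], base + keep, limit - keep

CARD = "4111111111111111"  # constructed sample: a public test number, not real data
SAMPLE = b"x" * 30 + CARD.encode() + b"\r\n" + CARD.encode("utf-16le")
print(scan_stream(io.BytesIO(SAMPLE), window=16))
```

The small `window=16` in the sample forces the numbers to straddle window boundaries, which is the case the look-ahead and look-behind bytes exist to handle.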
ThreatScanner™ will be featured in the Black Hat Arsenal on August 3 at the Black Hat USA 2016 conference. Additionally, Fidelis will be hosting a meetup in its booth (#1116) entitled “Intel vs. Indicators” on August 4 at 12:30 pm. The meetup, moderated by John Bambenek and Hardik Modi from the Fidelis Cybersecurity Threat Research Team, will focus on how organizations can use intelligence and indicators, including tools such as Barncat™, in their struggle to stay secure.
For a complete list of all Fidelis activities at Black Hat 2016, visit our event overview page.
- Visit “The Fidelis Network Lounge” at exhibit #1116.
- Black Hat Arsenal: Learn what you can do with ThreatScanner! Join Brian Codde at Black Hat Arsenal on Wednesday, August 3 at 2:30 – 3:50.
- Black Hat Meetup: Join Hardik Modi and Threat Systems Manager John Bambenek for an informal discussion on “Intel vs. Indicators” at 12:30 on Thursday, August 4 at exhibit 1116. Sign up to receive updates on Fidelis meetups at Black Hat.
- Technology Presentation: Join CSO Justin Harvey to learn “Ten Impossible Things You Can Do with the Right Metadata” at 4:10 on Wednesday, August 3 at Business Hall Theater B.
Fidelis Cybersecurity combats the full spectrum of cyber-crime, data theft and espionage. A leading provider of threat detection, hunting and response solutions, Fidelis provides full visibility across hybrid environments, automates threat and data theft detection, empowers threat hunting, and optimizes incident response with context, speed and accuracy. Fidelis is trusted by Global 1000s and Governments as their last line of defense.
The Fidelis Elevate® platform captures rich metadata from across the threat landscape and combines that content to enable real-time and retrospective analysis, giving security teams the platform to effectively hunt for threats in their environment.
For more information go to www.fidelissecurity.com. Fidelis Cybersecurity is a portfolio company of Skyview Capital.