Interns Hunt & Respond to Live Microsoft Zero Day Threat in Real-time

Press For Immediate Release

Reston, VA – Veteran-founded FOUR|18 Intelligence announced today that its gamified, real-world data, cybersecurity internship platform called DEF3NSE captured last week’s Microsoft Zero-Day threat, Follina, and turned it immediately into a hands-on opportunity to hunt a Zero Day as it unfolds.

This major Zero-Day exploit, CVE-2022-30190, reported last week by Microsoft, allows an attacker to take remote control of a computer if a victim clicks on a phishing email link or otherwise visits an attacker’s site, such as through a supply-chain attack, and opens an infected Microsoft Word document. As a Zero Day threat, victims have limited to no protection should they become exposed.

The day the threat was announced, FOUR|18 administrators started watching for evidence of it in DEF3NSE’s live global threat feed and spotted it a few days later when it briefly surfaced in a public phishing site over a narrow 30-minute window. Within minutes, the threat was available in DEF3NSE for hands-on analysis by interns training to become analysts. Soon after, it was reported as malicious to the platform’s live-URL threat sensor, PhishCloud, turning it red globally for all PhishCloud users and connecting FOUR|18’s analyst-interns with the global response to Follina in real-time – right down to any desktops that could become infected through this URL. (See figures.)

“Our student-interns learn first-hand how to hunt and stop dangerous phishing threats and malware attacks like Follina by using real-world data, easy-to-master tools, and on-demand professional coaching through the DEF3NSE platform,” said Mark Jaster, Founder and CEO. “Then our clients and partners’ customers are notified if they are being specifically targeted by a threat via partners like PhishCloud – making for an unparalleled internship experience.” 

When asked about the partnership, Terry McCorkle, Founder and CEO of PhishCloud, said, “We are excited to be working with Mark and FOUR|18 Intelligence in pioneering new ways to identify threats quickly and train the next generation of threat hunters and responders.” He added, “our focus on users, their privacy, and providing them real-time link safety, combined with the teams at FOUR|18 and their use of the DEF3NSE platform, opens new possibilities for crowdsourcing phishing protection for business and the masses to reduce any users’ exposure time to threats from days to just minutes.”

Adds Jaster, “Human judgment in this loop remains critical. Threats like these get through anti-phishing network technology to desktops more than 50% of the time and cost companies millions. By teaching threat hunters and responders on the latest threats with the tools of the trade and critical thinking they learn to inform others and systems how to see and stop these attacks in their tracks.”

DEF3NSE Desktop

For more on FOUR|18 Intelligence visit https://info.418intelligence.com/mission

For immersive cybersecurity training with live data and practitioner coaching contact tradecraft@418intelligence.com

About FOUR|18 Intelligence.

FOUR|18 Intelligence, a veteran-founded company partially funded by the Department of Homeland Security, delivers a gamified, real-world-data training & crowdsourcing platform that accelerates and updates skills through immersion in active threats and adversary tradecraft. FOUR|18’s programs and technology arm analysts and front-line employees with awareness, skills, and resources that protect valuable corporate assets against the latest threats and cybercriminals.

About PhishCloud. 

PhishCloud, Inc., an IT Security Services company, empowers end users and IT to make intelligent decisions about all manner of digital threats so that IT can respond to and block phishing and online threats their people see in real-time. For more information, visit https://www.phishcloud.com/.
