#ElasticSecurityLabs has identified a brand new malware loader connected to BYOVD. A full write-up on GHOSTENGINE is coming next week, but we've already got a rule in place: go.es.io/3K1FH1v
Ebury is some fascinating and sophisticated malware! Props to ESET Research for their extensive threat research report. Happy to see our coverage at Elastic is on point. 🔍👏
#ebury #ElasticSecurityLabs #elastic
XZ Utils vulnerability CVE-2024-3094 and backdoor: tools, scripts, and rules for detection released
iototsecnews.jp/2024/04/08/xz-…
#AndresFreund #BackDoor #Binarly #Bitdefender #CyberAttack #ElasticSecurityLabs #Exploit #liblzma #Linux #Microsoft #OpenSSF #SSH #SupplyChainAttack #TTP #XZUtils
Looking to fine-tune Linux permissions? This new article from Shashank K S focuses on process capabilities. See how privilege escalation occurs in Linux systems and implement some best practices to keep your organization safe: go.es.io/3vkG8Av
#ElasticSecurityLabs
Streamline Linux detections with this new article on Auditd from Ruben Groenewoud. This article explores the tool’s capabilities, how to set it up on your own system, and walks through an introduction to Auditd Manager: go.es.io/3PMWyIN
#Linux #ElasticSecurityLabs
We've got a new report: the LLM Safety Assessment! This brand new publication discusses LLM implementation risks, expands on OWASP® Foundation’s research, and provides mitigations for common threats. Get it for free: go.es.io/4a7FJiY
#ElasticSecurityLabs #generativeAI #LLM
The recent discovery of the XZ backdoor into Linux systems has caused quite a stir. See our detailed breakdown of CVE-2024-3094 and the protections we’ve created in this new article from Samir, Mika Ayenson, and Jake: go.es.io/3TJYin8
#ElasticSecurityLabs
Interested in securing the lifecycle of your LLM? The newest article from Mika Ayenson details his research into native protections against the OWASP® Foundation Top Ten with ES|QL. Check it out: go.es.io/3Qht7i9
#ElasticSecurityLabs #GenerativeAI #LLM #securityresearch
cybersecurity-help.cz/blog/3588.html
Researchers discovered a new malware campaign that leverages MSIX application packages to infect Windows machines with a stealthy malware loader called ‘Ghostpulse.’
#ElasticSecurityLabs #MSIX #Ghostpulse
Russian cybercriminals spread new Lobshot banking trojan via Google ads #TA505, #malvertising, #ElasticSecurityLabs cybersecurity-help.cz/blog/3265.html
We’re releasing a new #detection ruleset for Amazon Web Services’s Bedrock! This new publication from Mika Ayenson, Susan Shu Chang, and Jake details the rules and our suggestions for standardizing security fields: go.es.io/3WozN1U
#ElasticSecurityLabs #LLM #generativeai
MSIX App Installer Protocol turned OFF by default: it was being weaponized for malware distribution
iototsecnews.jp/2023/12/29/mic…
#CyberAttack #ElasticSecurityLabs #Malware #Microsoft #msappinstaller #MSIX #Phishing #RAT #SangriaTempest #Scammer #Storm0569 #Storm1113 #Storm1674 #TTP #Windows #ZeroTrust
Check out this brand new publication from Elastic Security Labs: the LLM Safety Assessment.
This report explores #GenAI and #LLM safety, including in-depth explanations of risks and best practices to mitigate attacks. go.es.io/3WAtV5Q
#ElasticSecurityLabs