We’ve observed a recent uptick in LATRODECTUS, a malware loader with ties to ICEDID. This brand new article breaks down the details and highlights protections. Check it out: go.es.io/4bFp1Zo

#ElasticSecurityLabs #malware

#ElasticSecurityLabs has identified a brand new malware loader connected to BYOVD. A full write-up on GHOSTENGINE is coming next week, but we've already got a rule in place: go.es.io/3K1FH1v

Ebury is some fascinating and sophisticated malware! Props to ESET Research for their extensive threat research report. Happy to see our coverage at Elastic is on point. 🔍👏

#ebury #ElasticSecurityLabs #elastic

.Samir‘s new article explores recent Windows zero-day attacks by analyzing in-the-wild LPE examples and outlining detections that can be run in Elastic Security. Check out the three cases: CLFS, DWM, and Activation Context: go.es.io/43vV8rC

#ElasticSecurityLabs

XZ Utils の脆弱性 CVE-2024-3094 とバックドア：検出のためのツール／スクリプト／ルールが公開
iototsecnews.jp/2024/04/08/xz-…
#AndresFreund #BackDoor #Binarly #Bitdefender #CyberAttack #ElasticSecurityLabs #Exploit #liblzma #Linux #Microsoft #OpenSSF #SSH #SupplyChainAttack #TTP #XZUtils

Looking to fine tune Linux permissions? This new article from Shashank K S focuses on process capabilities. See how privilege escalation occurs in Linux systems and implement some best practices to keep your organization safe: go.es.io/3vkG8Av

#ElasticSecurityLabs

Streamline Linux detections with this new article on Auditd from Ruben Groenewoud. This article explores the tool’s capabilities, how to set it up on your own system, and walks through an introduction to Auditd Manager: go.es.io/3PMWyIN

#Linux #ElasticSecurityLabs

We've got a new report: the LLM Safety Assessment! This brand new publication discusses LLM implementation risks, expands on OWASP® Foundation‘s research, and provides mitigations for common threats. Get it for free: go.es.io/4a7FJiY

#ElasticSecurityLabs #generativeAI #LLM

The recent discovery of the XZ backdoor into Linux systems has caused quite a stir. See our detailed breakdown of CVE-2024-3094 and the protections we’ve created in this new article from Samir, Mika Ayenson, and Jake: go.es.io/3TJYin8

#ElasticSecurityLabs

Part two of Cyril F. and Samir's new series is up! This article explores REMCOS' recording capabilities and how it communicates with its C2. Check it out: go.es.io/44iqp1T

#ElasticSecurityLabs #malware

#ElasticSecurityLabs

Interested in securing the lifecycle of your LLM? The newest article from Mika Ayenson details his research into native protections against the OWASP® Foundation Top Ten with ES|QL. Check it out: go.es.io/3Qht7i9

#ElasticSecurityLabs #GenerativeAI #LLM #securityresearch

Ready for part 3? In this chapter, Cyril F. and Samir discuss REMCOS configuration and list the C2 commands! Read it here: go.es.io/3UmAZjK

#ElasticSecurityLabs #malware

cybersecurity-help.cz/blog/3588.html

Researchers discovered a new malware campaign that leverages MSIX application packages to infect Windows machines with a stealthy malware loader called ‘Ghostpulse.’

#ElasticSecurityLabs #MSIX #Ghostpulse

In the first of three, Cyril F. gives an overview of the #REMCOS implant’s major capabilities. Tune in next week to gain new insights, learn detection strategies from @sbousseaden, and more! Read part 1 here: go.es.io/4aZrtcX #ElasticSecurityLabs #malware

Russian cybercriminals spread new Lobshot banking trojan via Google ads #TA505 , #malvertising , #ElasticSecurityLabs cybersecurity-help.cz/blog/3265.html

We’re releasing a new #detection ruleset for Amazon Web Services’s Bedrock! This new publication from Mika Ayenson, Susan Shu Chang, and Jake details the rules and our suggestions for standardizing security fields: go.es.io/3WozN1U

#ElasticSecurityLabs #LLM #generativeai

MSIX App Installer Protocol がデフォルトで OFF：マルウエア配布の武器にされている
iototsecnews.jp/2023/12/29/mic…
#CyberAttack #ElasticSecurityLabs #Malware #Microsoft #msappinstaller #MSIX #Phishing #RAT #SangriaTempest #Scammer #Storm0569 #Storm1113 #Storm1674 #TTP #Windows #ZeroTrust

#ElasticSecurityLabs unpacks a recent ICEDID #Malware sample and releases new tools for threat research, learn more about this financially-motivated threat here: go.es.io/42mWzXR

Check out this brand new publication from Elastic Security Labs: the LLM Safety Assessment.

This report explores #GenAI and #LLM safety, including in-depth explanations of risks and best practices to mitigate attacks. go.es.io/3WAtV5Q

#ElasticSecurityLabs