Test Your ATT&CK Before the Attack With Guardicore Infection Monkey
Test Your ATT&CK Before the Attack With Guardicore Infection Monkey
What’s a 10? Pwning vCenter with
CVE-2020-3952
/11 Comments/in Labs /by JJ Lehmann and Ofri ZivGuardicore Labs provides a full, detailed technical analysis of the latest vulnerability from VMware – CVE-2020-3952. The bug, which hit the maximal score of CVSS 10.0, allows a malicious actor to take over the complete vSphere infrastructure, with all its machines and servers.
CVE-2020-3952
The Vollgar Campaign: MS-SQL Servers Under Attack
/2 Comments/in Labs /by Ophir HarpazGuardicore Labs uncovers an attack campaign that’s been under the radar for almost two years, breaching MS-SQL servers and infecting them with remote-access tools and cryptominers.
January 2020’s Patch Tuesday
/1 Comment/in Labs /by Daniel Goldberg and Yoni RozensheinGuardicore Labs extracts what you need to know regarding the January 2020 Patch Tuesday and data centers.
Threats Making WAVs – Incident Response to a Cryptomining Attack
/in Labs /by Guardicore Labs TeamGuardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files. The report includes the full attack vectors, from detection, infection, network propagation and malware analysis and recommendations for optimizing incident response processes in data centers.
Iran Cyber Threats and Defenses
/in Labs /by Daniel GoldbergGuardicore Labs explains the danger and current status of online Iranian attacks
Windows Server 2008 R2 and Windows 7 are End of Life
/in Labs /by Daniel GoldbergDiscover the steps to harden machines running Windows 7, Windows Server 2008 and Windows Server 2008 R2 against the inevitable unpatched vulnerability that will be disclosed for these systems.
Guardicore Infection Monkey for Zero Trust
/in Labs /by Shay NehmadGuardicore Labs releases new Zero Trust features to the Infection Monkey to help organizations assess their zero trust security posture quickly and easily.
The Massive Propagation of the Smominru Botnet
/in Labs /by Ophir Harpaz and Daniel GoldbergGuardicore Labs provided assistance in a ransomware investigation. We analysed the decryption process of the IEncrypt ransomware and provided a safe-to-use version of the attackers’ decryptor.
The Nansh0u Campaign – Hackers Arsenal Grows Stronger
/6 Comments/in Labs /by Ophir Harpaz and Daniel GoldbergGuardicore Labs provided assistance in a ransomware investigation. We analysed the decryption process of the IEncrypt ransomware and provided a safe-to-use version of the attackers’ decryptor.