The Vollgar Campaign: MS-SQL Servers Under Attack
Guardicore Labs uncovers an attack campaign that’s been under the radar for almost two years, breaching MS-SQL servers and infecting them with remote-access tools and cryptominers.
January 2020’s Patch Tuesday
/1 Comment/in Labs /by Daniel Goldberg and Yoni RozensheinGuardicore Labs extracts what you need to know regarding the January 2020 Patch Tuesday and data centers.
Threats Making WAVs – Incident Response to a Cryptomining Attack
/in Labs /by Guardicore Labs TeamGuardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files. The report includes the full attack vectors, from detection, infection, network propagation and malware analysis and recommendations for optimizing incident response processes in data centers.
Iran Cyber Threats and Defenses
/in Labs /by Daniel GoldbergGuardicore Labs explains the danger and current status of online Iranian attacks
Windows Server 2008 R2 and Windows 7 are End of Life
/in Labs /by Daniel GoldbergDiscover the steps to harden machines running Windows 7, Windows Server 2008 and Windows Server 2008 R2 against the inevitable unpatched vulnerability that will be disclosed for these systems.
Guardicore Infection Monkey for Zero Trust
/in Labs /by Shay NehmadGuardicore Labs provided assistance in a ransomware investigation. We analysed the decryption process of the IEncrypt ransomware and provided a safe-to-use version of the attackers’ decryptor.
The Massive Propagation of the Smominru Botnet
/in Labs /by Ophir Harpaz and Daniel GoldbergGuardicore Labs provided assistance in a ransomware investigation. We analysed the decryption process of the IEncrypt ransomware and provided a safe-to-use version of the attackers’ decryptor.
The Nansh0u Campaign – Hackers Arsenal Grows Stronger
/6 Comments/in Labs /by Ophir Harpaz and Daniel GoldbergGuardicore Labs provided assistance in a ransomware investigation. We analysed the decryption process of the IEncrypt ransomware and provided a safe-to-use version of the attackers’ decryptor.
May 2019’s Patch Tuesday: Must-Knows for Every Data Center
/in Labs /by Daniel Goldberg and Ophir HarpazGuardicore Labs provided assistance in a ransomware investigation. We analysed the decryption process of the IEncrypt ransomware and provided a safe-to-use version of the attackers’ decryptor.
IResponse to IEncrypt
/3 Comments/in Labs /by Ophir Harpaz and Danielle KuznetsGuardicore Labs provided assistance in a ransomware investigation. We analysed the decryption process of the IEncrypt ransomware and provided a safe-to-use version of the attackers’ decryptor.