Posts

FritzFrog: A New Generation of
Peer-to-Peer Botnets

Guardicore Labs uncovers a sophisticated, multifunctional P2P botnet written in Golang and targeting SSH servers.

Test Your ATT&CK Before the Attack With Guardicore Infection Monkey

Test Your ATT&CK Before the Attack With Guardicore Infection Monkey

What’s a 10? Pwning vCenter with
CVE-2020-3952

Guardicore Labs provides a full, detailed technical analysis of the latest vulnerability from VMware – CVE-2020-3952. The bug, which hit the maximal score of CVSS 10.0, allows a malicious actor to take over the complete vSphere infrastructure, with all its machines and servers.

The Vollgar Campaign: MS-SQL Servers Under Attack

Guardicore Labs uncovers an attack campaign that’s been under the radar for almost two years, breaching MS-SQL servers and infecting them with remote-access tools and cryptominers.

January 2020’s Patch Tuesday

Guardicore Labs extracts what you need to know regarding the January 2020 Patch Tuesday and data centers.

Threats Making WAVs – Incident Response to a Cryptomining Attack

Guardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files. The report includes the full attack vectors, from detection, infection, network propagation and malware analysis and recommendations for optimizing incident response processes in data centers.

Iran Cyber Threats and Defenses

Guardicore Labs explains the danger and current status of online Iranian attacks

Windows Server 2008 R2 and Windows 7 are End of Life

Discover the steps to harden machines running Windows 7, Windows Server 2008 and Windows Server 2008 R2 against the inevitable unpatched vulnerability that will be disclosed for these systems.

Guardicore Infection Monkey for Zero Trust

Guardicore Labs releases new Zero Trust features to the Infection Monkey to help organizations assess their zero trust security posture quickly and easily.

Guardicore’s Infection Monkey Becomes the Industry’s First Zero Trust Assessment Tool

Open Source Infection Monkey Provides Enterprise Leaders the Ability to Examine Adherence to Zero Trust Security Posture and Prescribe Recommendations for Faster Zero Trust Adoption

Boston, Mass. and Tel Aviv, Israel – September 12, 2019 – Guardicore, a leader in internal data center and cloud security, today unveiled new capabilities for its Infection Monkey that make it the industry’s first Zero Trust assessment tool. Added features extend the functionality of the already successful Infection Monkey, a free, open source breach and attack simulation tool used by thousands to demonstrate and analyze their environments against lateral movement and attacks.  The latest version of Infection Monkey enables both enterprise security leaders and network engineers to determine how their environments perform against a Zero Trust security posture on their path to overall Zero Trust adoption. Infection Monkey now provides security and network infrastructure teams the ability to easily and accurately examine an enterprise’s adherence to key components of the Zero Trust framework as established by Forrester with detailed explanations of security gaps and prescriptive instructions on how to rectify them. Guardicore will preview the Zero Trust capabilities of Infection Monkey with attendees of the Forrester Security & Risk Forum in National Harbor, MD this week.

“A concept first developed by Forrester Research nearly a decade ago, the Zero Trust approach to information security is gaining momentum and driving strategic technical alignment and implementations toward a process focused on building security from the inside out,” said Pavel Gurvich, Co-founder and CEO, Guardicore. “Yet many organizations are still unsure of how to move from theory to deployment and apply the principles of Zero Trust in their environment. Infection Monkey is the first tool of its kind that allows organizations to safely and easily test their environment’s Zero Trust posture and generate specific recommendations to accelerate and enhance Zero Trust adoption and ensure continued adherence. ” 

Infection Monkey with Zero Trust Assessment

Infection Monkey enables cybersecurity and infrastructure architects to operationalize Zero Trust by accurately examining an enterprise’s adherence to the pillars of Zero Trust, including detailed explanations of where the enterprise falls short, and instructions on how to address these shortcomings. Easy to deploy and run, Infection Monkey tests implementation of the Zero Trust framework by attempting to communicate with machines residing in different segments of the enterprise network, demonstrating policy violations, and generating test results with actionable recommendations for remediation.With prescriptive reporting that can be easily implemented without any additional staff or education, Infection Monkey offers security leaders the ability to illustrate enterprise Zero Trust posture against the Forrester framework with an easy to understand red, yellow, green color scheme. Like previous versions of Infection Monkey, the latest version runs on bare metal, VMWare, other hypervisors, AWS, Azure, Google, and private clouds.

Availability & Contributions

Developed by Guardicore Labs Infection Monkey is an open source breach and attack simulation tool for securely and automatically testing the resiliency of private and public cloud environments. Guardicore Infection Monkey source code is currently available from the GitHub repository. Added capabilities for Zero Trust assessment and deployments for the AWS Marketplace, Microsoft Azure Marketplace and Google Cloud Platform Marketplace will be available for download at the end of the quarter. Infection Monkey is available for Linux, Windows, AWS, Azure, Google Cloud Platform, VMWare and Docker environments. For questions, suggestions and guidance join the Infection Monkey community.

Infection Monkey is open source, developed on GitHub under the GPLv3 license. 

Guardicore Labs

Guardicore Labs is a global research team, consisting of hackers, cybersecurity researchers and industry experts. Its mission is to deliver cutting-edge cyber security research, lead and participate in academic research and provide analysis, insights and response methodologies to the latest cyber threats. Guardicore Labs helps Guardicore customers and the security community to continually enhance their security posture and protect critical business applications and infrastructure.

Creators of Infection Monkey, a popular open-source network resiliency test tool, Guardicore Labs’ high-profile threat discoveries include Nansh0u advanced crypto-mining attack,  the Hexmen multiple attack campaigns targeting database services, the Bondnet botnet used to mine different cryptocurrencies, and a privilege escalation vulnerability in VMWare. Guardicore Labs also hosts Cyber Threat Intelligence (CTI), a freely available threat intelligence portal to assist security teams in identifying and investigating malicious IP addresses and domains in data centers. To learn more visit Guardicore Labs.

About Guardicore

Guardicore is a data center and cloud security company that protects your organization’s core assets using flexible, quickly deployed, and easy to understand micro-segmentation controls. Our solutions provide a simpler, faster way to guarantee persistent and consistent security — for any application, in any IT environment. For more information, visit www.guardicore.com.