Posts

Detecting and Mitigating WannaCry and Its Copycats Using GuardiCore Centra Platform

Attack overview WannaCry and its copycat attacks work by exploiting the Microsoft Windows SMB Server critical vulnerability (MS17-010). Patched Windows machines are safe while any unpatched Windows machine is at risk. The WannaCry campaign threatens internet facing as well as internal networks, since a compromised laptop/server in the network will try to propagate and infect […]

Musing on Ransomware and Other Sophisticated Attacks

Everyone has something to write about ransomware. One can not open a mobile device or a news site without getting notification about some new ransomware-related content.  There’s a good reason: The recent events, media attention and to a certain degree, the public’s panic around the WannaCry ransomware attack are driving a lot of interest and even increase the […]

The Bondnet Army: Questions & Answers

Last week we announced the discovery of Bondnet, a new botnet that was uncovered by GuardiCore Labs. The originator of Bondnet had installed a cryptocurrency miner and backdoor in thousands of servers of varying power and conscripted them into a botnet – a group of computing devices that can be centrally controlled for malicious purposes.