Collaborate Disseminate
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? The open-source XZ Utils compression utility has been backdoored by a skille… Continue reading XZ Utils backdoor: Detection tools, scripts, rules
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. Malware tactics and techniques T… Continue reading The most prevalent malware behaviors and techniques
After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader – a type of malware whose primary function is to serve as a delivery mech… Continue reading Pikabot returns with new tricks up its sleeve
Open-source tools represent a dynamic force in the technological landscape, embodying innovation, collaboration, and accessibility. These tools, developed with transparency and community-driven principles, allow users to scrutinize, modify, and adapt s… Continue reading 15 open-source cybersecurity tools you’ll wish you’d known earlier
Elastic has unveiled Elasticsearch Query Language (ES|QL), its new piped query language designed to transform, enrich and simplify data investigation with concurrent processing. ES|QL enables site reliability engineers (SREs), developers and … Continue reading Elastic simplifies data investigations with piped query language, ES|QL
North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. The attack By impersonating blockchain engineering community members on Discord, the attackers used social engineer… Continue reading KandyKorn macOS malware lobbed at blockchain engineers
Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings. Wazuh system comprises an endpoint security agent installed on monitored system… Continue reading Wazuh: Free and open-source XDR and SIEM
Endace announced a technical partnership with SIEM and observability platform provider Elastic. The partnership brings together the EndaceProbe Scalable Hybrid Cloud Packet Capture, Elastic Stack and Elastic Security, and provides the packet-level netw… Continue reading Endace collaborates with Elastic to accelerate cyber threat response
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It has been downloaded over 2 million times and is being used by security teams worldwide. Security Onion 2.4 comes with many updates, an… Continue reading Security Onion 2.4: Free, open platform for defenders gets huge update
In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition. Key takeaways In this report, the Elastic Security team highlights how they’ve noticed a slight increase in Linux b… Continue reading How 2022’s threats will impact the global landscape in 2023