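Threat intelligence resources like the 2022 Elastic Global Threat Report are critical to helping teams evaluate their organizational visibility, capabilities, and expertise in identifying and preventing cybersecurity threats.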
Elastic Security Labs discusses the NETWIRE trojan and is releasing a tool to dynamically extract configuration files.
Let's discuss three benefits that Hardware Stack Protections brings beyond the intended exploit mitigation capability, and explain some limitations.
In this blog, we will demonstrate how to detect each of four classes of process trampolining and release an updated PowerShell detection script – Get-InjectedThreadEx.
The Elastic Security Labs team has been tracking REF2731, a 5-stage intrusion set involving the PARALLAX loader and the NETWIRE RAT.
Elastic Security has performed a deep technical analysis of the BUGHATCH malware. This includes capabilities as well as defensive countermeasures.
Elastic Security Labs releases a QBOT malware analysis report covering the execution chain. From this research, the team has produced a YARA rule, a configuration extractor, and indicators of compromise (IOCs).
Elastic Security has performed a deep technical analysis of the CUBA ransomware family. This includes malware capabilities as well as defensive countermeasures.
Elastic Security observed a ransomware and extortion campaign leveraging a combination of offensive security tools, LOLBAS, and exploits to deliver the CUBA ransomware malware.
Elastic Security discovered PHOREAL malware, which is targeting Southeast Asian financial organizations, particularly those in the Vietnamese financial sector.
Elastic Security verifies new destructive malware targeting Ukraine: Operation Bleeding Bear
In this research publication, we'll explore our analysis of the QBOT attack pattern — a full-featured and prolific malware family.
The latest organization under the microscope of the LAPSUS$ group is Okta. Threat hunt for the recent breach targeting Okta users using these simple steps in Elastic.
Learn about the recent campaign of a Russia-based threat group known as Gamaredon Group. This post will review these details and provide detection strategies.
Elastic Security Labs pairs research on emerging threats with analysis of strategic, operational, and tactical adversary objectives.