Security Labs

Elastic 2022 Global Threat Report: Eine Roadmap für die ständig wachsende Bedrohungslandschaft

Mit Threat Intelligence-Ressourcen wie dem 2022 Elastic Global Threat Report können Teams ihre Organisation im Hinblick auf Transparenz, Funktionalität und Fachwissen beurteilen und Cybersicherheitsbedrohungen identifizieren und vermeiden.

Von

Mandy Andress

15. November 2022

Security Research

See all

Exploring the Future of Security with ChatGPT

Recently, OpenAI announced APIs for engineers to integrate ChatGPT and Whisper models into their apps and products. For some time, engineers could use the REST API calls for older models and otherwise use the ChatGPT interface through their website.

Von

Mika Ayenson

Hunting for Suspicious Windows Libraries for Execution and Defense Evasion

Learn more about discovering threats by hunting through DLL load events, one way to reveal the presence of known and unknown malware in noisy process event data.

Von

Samir Bousseaden

7. Februar 2023

NETWIRE Dynamic Configuration Extraction

Elastic Security Labs discusses the NETWIRE trojan and is releasing a tool to dynamically extract configuration files.

Von

Seth Goodwin

Salim Bitam

1. Februar 2023

Malware Analysis

See all

NAPLISTENER: more bad dreams from developers of SIESTAGRAPH

Elastic Security Labs observes that the threat behind SIESTAGRAPH has shifted priorities from data theft to persistent access, deploying new malware like NAPLISTENER to evade detection.

Von

Remco Sprooten

Thawing the permafrost of ICEDID Summary

Elastic Security Labs analyzed a recent ICEDID variant consisting of a loader and bot payload. By providing this research to the community end-to-end, we hope to raise awareness of the ICEDID execution chain, capabilities, and design.

Von

Cyril François

Daniel Stepanic

Twice around the dance floor - Elastic discovers the PIPEDANCE backdoor

Elastic Security Labs is tracking an active intrusion into a Vietnamese organization using a recently discovered triggerable, multi-hop backdoor we are calling PIPEDANCE. This full-featured malware enables stealthy operations through the use of named

Von

Daniel Stepanic

Exploring the REF2731 Intrusion Set

The Elastic Security Labs team has been tracking REF2731, an 5-stage intrusion set involving the PARALLAX loader and the NETWIRE RAT.

Von

Salim Bitam

Daniel Stepanic

Campaign

See all

CUBA Ransomware Campaign Analysis

Elastic Security observed a ransomware and extortion campaign leveraging a combination of offensive security tools, LOLBAS, and exploits to deliver the CUBA ransomware malware.

Von

Daniel Stepanic

Derek Ditch

1. Juni 2022

PHOREAL Malware Targets the Southeast Asian Financial Sector

Elastic Security discovered PHOREAL malware, which is targeting Southeast Asia financial organizations, particularly those in the Vietnamese financial sector.

Von

Daniel Stepanic

Derek Ditch

7. März 2022

Operation Bleeding Bear

Elastic Security verifies new destructive malware targeting Ukraine: Operation Bleeding Bear

Von

Daniel Stepanic

James Spiteri

19. Januar 2022

Groups & Tactics

See all in Groups & Tactics

Exploring the QBOT Attack Pattern

In this research publication, we'll explore our analysis of the QBOT attack pattern — a full-featured and prolific malware family.

Von

Cyril François

Seth Goodwin

Okta and LAPSUS$: What you need to know

The latest organization under the microscope of the LAPSUS$ group is Okta. Threat hunt for the recent breach targeting Okta users using these simple steps in Elastic

Von

Jake King

Playing defense against Gamaredon Group

Learn about the recent campaign of a Russia-based threat group known as Gamaredon Group. This post will review these details and provide detection strategies.

Von

Daniel Stepanic

Andrew Pease

Elastic Security Labs

Elastic Security Labs pairs research on emerging threats with analysis of strategic, operational, and tactical adversary objectives.

Learn more

Enterprise Search

Observability

Security

Elastic Cloud

Elastic (ELK) Stack

Elastic 8.6 veröffentlicht

Elastic Stack upgraden

Dokumentation

ElasticON Global 2023

Wir stellen ein

Elastic-Power

Bessere digitale Erlebnisse für Ihre Kunden

Weiterentwicklung des DevOps-Lebenszyklus

Grenzenlose Security

Öffentlicher Sektor

Finanzdienstleistungen

Telekommunikation

Gesundheitswesen

Technologie

Einzelhandel und E-Commerce

Medien und Entertainment

Fertigung und Automobilindustrie

Cybersicherheitslösungen für eine Welt voller Risiken

Enterprise Search

Observability

Security

Erste Schritte

Support

Kontaktaufnahme

Audi Business Innovation

Mayr-Melnhof Group

Jaguar Land Rover

Dokumentation

Blogs

Schulung

Events

Community

Consulting

Messbarer Erfolg durch Elastic Enterprise Search

Erste Schritte mit Elasticsearch

Observability-Engineer-Schulung

Über Elastic

Karriere

Presse

Partner

Investor Relations

Elastic Excellence Awards

Warum genau jetzt die richtige Zeit ist, wichtige Datenbanken in die Cloud zu verlagern

Enterprise Search

Observability

Security

Elastic Cloud

Elastic (ELK) Stack

Elastic 8.6 veröffentlicht

Elastic Stack upgraden

Dokumentation

ElasticON Global 2023

Wir stellen ein

Elastic-Power

Bessere digitale Erlebnisse für Ihre Kunden

Weiterentwicklung des DevOps-Lebenszyklus

Grenzenlose Security

Öffentlicher Sektor

Finanzdienstleistungen

Telekommunikation

Gesundheitswesen

Technologie

Einzelhandel und E-Commerce

Medien und Entertainment

Fertigung und Automobilindustrie

Enterprise Search

Observability

Security

Erste Schritte

Support

Kontaktaufnahme

Audi Business Innovation

Mayr-Melnhof Group

Jaguar Land Rover

Dokumentation