Security Labs

Elastic 2022 Global Threat Report: Eine Roadmap für die ständig wachsende Bedrohungslandschaft

Mit Threat Intelligence-Ressourcen wie dem 2022 Elastic Global Threat Report können Teams ihre Organisation im Hinblick auf Transparenz, Funktionalität und Fachwissen beurteilen und Cybersicherheitsbedrohungen identifizieren und vermeiden.

Von

Mandy Andress

15. November 2022

Security Research

See all

Exploring the Future of Security with ChatGPT

Recently, OpenAI announced APIs for engineers to integrate ChatGPT and Whisper models into their apps and products. For some time, engineers could use the REST API calls for older models and otherwise use the ChatGPT interface through their website.

Von

Mika Ayenson

Click, Click… Boom! Automating Protections Testing with Detonate

To automate this process and test our protections at scale, we built Detonate, a system that is used by security research engineers to measure the efficacy of our Elastic Security solution in an automated fashion.

Von

Jessica David

Hez Carty

27. März 2023

Effective Parenting - detecting LRPC-based parent PID spoofing

Using process creation as a case study, this research will outline the evasion-detection arms race to date, describe the weaknesses in some current detection approaches and then follow the quest for a generic approach to LRPC-based evasion.

Von

John Uhlmann

9. Februar 2023

Malware Analysis

See all

Elastic users protected from SUDDENICON’s supply chain attack

Elastic Security Labs is releasing a triage analysis to assist 3CX customers in the initial detection of SUDDENICON, a potential supply-chain compromise affecting 3CX VOIP softphone users.

Von

Daniel Stepanic

Remco Sprooten

Not sleeping anymore: SOMNIRECORD's wake-up call

Elastic Security Labs researchers identified a new malware family written in C++ that we refer to as SOMNIRECORD. This malware functions as a backdoor and communicates with command and control (C2) while masquerading as DNS.

Von

Salim Bitam

NAPLISTENER: more bad dreams from developers of SIESTAGRAPH

Elastic Security Labs observes that the threat behind SIESTAGRAPH has shifted priorities from data theft to persistent access, deploying new malware like NAPLISTENER to evade detection.

Von

Remco Sprooten

Thawing the permafrost of ICEDID Summary

Elastic Security Labs analyzed a recent ICEDID variant consisting of a loader and bot payload. By providing this research to the community end-to-end, we hope to raise awareness of the ICEDID execution chain, capabilities, and design.

Von

Cyril François

Daniel Stepanic

Campaign

See all

Exploring the REF2731 Intrusion Set

The Elastic Security Labs team has been tracking REF2731, an 5-stage intrusion set involving the PARALLAX loader and the NETWIRE RAT.

Von

Salim Bitam

Daniel Stepanic

30. September 2022

CUBA Ransomware Campaign Analysis

Elastic Security observed a ransomware and extortion campaign leveraging a combination of offensive security tools, LOLBAS, and exploits to deliver the CUBA ransomware malware.

Von

Daniel Stepanic

Derek Ditch

1. Juni 2022

PHOREAL Malware Targets the Southeast Asian Financial Sector

Elastic Security discovered PHOREAL malware, which is targeting Southeast Asia financial organizations, particularly those in the Vietnamese financial sector.

Von

Daniel Stepanic

Derek Ditch

7. März 2022

Groups & Tactics

See all in Groups & Tactics

Exploring the QBOT Attack Pattern

In this research publication, we'll explore our analysis of the QBOT attack pattern — a full-featured and prolific malware family.

Von

Cyril François

Seth Goodwin

Okta and LAPSUS$: What you need to know

The latest organization under the microscope of the LAPSUS$ group is Okta. Threat hunt for the recent breach targeting Okta users using these simple steps in Elastic

Von

Jake King

Playing defense against Gamaredon Group

Learn about the recent campaign of a Russia-based threat group known as Gamaredon Group. This post will review these details and provide detection strategies.

Von

Daniel Stepanic

Andrew Pease

Elastic Security Labs

Elastic Security Labs pairs research on emerging threats with analysis of strategic, operational, and tactical adversary objectives.

Learn more

Enterprise Search

Observability

Security

Elastic Cloud

Elastic (ELK) Stack

Elastic 8.7 veröffentlicht

Elastic Stack upgraden

Dokumentation

ElasticON Global 2023

Wir stellen ein

Elastic-Power

Bessere digitale Erlebnisse für Ihre Kunden

Weiterentwicklung des DevOps-Lebenszyklus

Grenzenlose Security

Öffentlicher Sektor

Finanzdienstleistungen

Telekommunikation

Gesundheitswesen

Technologie

Einzelhandel und E-Commerce

Medien und Entertainment

Fertigung und Automobilindustrie

Cybersicherheitslösungen für eine Welt voller Risiken

Enterprise Search

Observability

Security

Erste Schritte

Support

Kontaktaufnahme

Audi Business Innovation

Mayr-Melnhof Group

Jaguar Land Rover

Dokumentation

Blogs

Schulung

Events

Community

Consulting

Messbarer Erfolg durch Elastic Enterprise Search

Erste Schritte mit Elasticsearch

Observability-Engineer-Schulung

Über Elastic

Karriere

Presse

Partner

Investor Relations

Elastic Excellence Awards

Warum genau jetzt die richtige Zeit ist, wichtige Datenbanken in die Cloud zu verlagern

Enterprise Search

Observability

Security

Elastic Cloud

Elastic (ELK) Stack

Elastic 8.7 veröffentlicht

Elastic Stack upgraden

Dokumentation

ElasticON Global 2023

Wir stellen ein

Elastic-Power

Bessere digitale Erlebnisse für Ihre Kunden

Weiterentwicklung des DevOps-Lebenszyklus

Grenzenlose Security

Öffentlicher Sektor

Finanzdienstleistungen

Telekommunikation

Gesundheitswesen

Technologie

Einzelhandel und E-Commerce

Medien und Entertainment

Fertigung und Automobilindustrie

Enterprise Search

Observability

Security

Erste Schritte

Support

Kontaktaufnahme

Audi Business Innovation

Mayr-Melnhof Group

Jaguar Land Rover

Dokumentation