KontaktAnmelden
Kostenlos ausprobierenicon-magnifying-glass-24-blue.svg
icon-magnifying-glass-24-blue.svgicon-magnifying-glass-24-blue.svg
Security Labs

Topics

Groups and Tactics

avatar

Exploring the REF2731 Intrusion Set

The Elastic Security Labs team has been tracking REF2731, an 5-stage intrusion set involving the PARALLAX loader and the NETWIRE RAT.

Von
Salim Bitam
Daniel Stepanic

LUNA Ransomware Attack Pattern Analysis

In this research publication, we'll explore the LUNA attack pattern — a cross-platform ransomware variant.

By
Salim Bitam
Seth Goodwin
...

Exploring the QBOT Attack Pattern

In this research publication, we'll explore our analysis of the QBOT attack pattern — a full-featured and prolific malware family.

By
Cyril François
Seth Goodwin
...

A peek behind the BPFDoor

In this research piece, we explore BPFDoor — a backdoor payload specifically crafted for Linux in order to gain re-entry into a previously or actively compromised target environment.

By
Jake King
Colson Wilhoit

More on Adversary + Attack Pattern + Activity Group

Videos

Okta and LAPSUS$: What you need to know

The latest organization under the microscope of the LAPSUS$ group is Okta. Threat hunt for the recent breach targeting Okta users using these simple steps in Elastic

Von
Jake King
Videos

Collecting Cobalt Strike Beacons with the Elastic Stack

Part 1 - Processes and technology needed to extract Cobalt Strike implant beacons

Von
Derek Ditch
Daniel Stepanic
...
Videos

Elastic Security uncovers BLISTER malware campaign

Elastic Security has identified active intrusions leveraging the newly identified BLISTER malware loader utilizing valid code-signing certificates to evade detection. We are providing detection guidance for security teams to protect themselves.

Von
Joe Desimone
Samir Bousseaden
Videos

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

Learn how Elastic Endpoint Security and Elastic SIEM can be used to hunt for and detect malicious persistence techniques at scale.

Von
Brent Murphy
David French
...
Videos

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Learn how Elastic Endpoint Security and Elastic SIEM can be used to hunt for and detect malicious persistence techniques at scale.

Von
David French
Brent Murphy
...
Videos

Playing defense against Gamaredon Group

Learn about the recent campaign of a Russia-based threat group known as Gamaredon Group. This post will review these details and provide detection strategies.

Von
Daniel Stepanic
Andrew Pease
...