Author

Colson Wilhoit

Elastic

Articles

Elastic catches DPRK passing out KANDYKORN
1 November 2023

Elastic Security Labs exposes an attempt by the DPRK to infect blockchain engineers with novel macOS malware.

The DPRK strikes using a new variant of RUSTBUCKET
14 July 2023

Watch out! We’ve recently discovered a variant of RUSTBUCKET. Read this article to understand the new capabilities we’ve observed, as well as how to identify it in your own network.

Initial research exposing JOKERSPY
21 June 2023

Explore JOKERSPY, a recently discovered campaign that targets financial institutions with Python backdoors. This article covers reconnaissance, attack patterns, and methods of identifying JOKERSPY in your network.

The Elastic Container Project for Security Research
1 March 2023

The Elastic Container Project provides a single shell script that will allow you to stand up and manage an entire Elastic Stack using Docker. This open source project enables rapid deployment for testing use cases.

Detecting and responding to Dirty Pipe with Elastic
9 September 2022

Elastic Security is releasing detection logic for the Dirty Pipe exploit.

A peek behind the BPFDoor
13 July 2022

In this research piece, we explore BPFDoor — a backdoor payload specifically crafted for Linux in order to gain re-entry into a previously or actively compromised target environment.

© 2023. Elasticsearch B.V. All Rights Reserved.