Threat Bulletin: Dissecting GuLoader’s Evasion Techniques

Over the last couple of months, we observed a new downloader called GuLoader (also known as CloudEyE) that has been actively distributed in 2020. In contrast to prototypical downloaders, GuLoader is known to use popular cloud services such as Google Drive, OneDrive and Dropbox to host its encrypted payloads. So far we have seen that GuLoader is being used to deliver Formbook, NanoCore, LokiBot and Remcos among others.

MITRE ATT&CK T1036 Masquerading

As a defense evasion technique, adversaries replace features of their malicious artifacts with ones that appear legitimate and trusted. Code signatures, the names and locations of malware files, and the names of tasks and services are some examples of these features. After masquerading, malicious artifacts such as malware files appear legitimate to users and security controls.

Lack of experts in cyber security

The Internet and digital change are advancing continuously and the associated expansion of IT infrastructures is proving to be an important factor in the profitability of companies. However, this development is also accompanied by a number of challenges, most importantly the need to protect their own constantly growing IT infrastructures. Many companies are now even prepared to invest the necessary money in IT security technologies.

Why SQL Injection is here to stay in the OWASP Top 10

Structured Query Language (SQL) is the language used to interact with the databases that sit in the backend of web applications. Using queries, programmers, database administrators and others retrieve, process and store data in those databases. What is SQL Injection? And how can it be prevented in the year 2020? SQL queries are constructed to manipulate data within a database that consists of a number of tables. Below is a simple query statement.

Vulnerability management: Why it's no match for modern threat actors

As every security professional knows, software vulnerabilities are a fact of life. Anyone who uses any kind of software is, to some extent, putting themselves and their data at risk due to vulnerabilities that may or may not have been discovered, documented and fixed. While we can manage vulnerabilities, we can never be rid of them outright.

One-Minute Webinar: Working Together to Shift to an Entirely Remote Workforce

Work environments have always been fluid. We’ve gone from open spaces holding dozens of employees, to cubicles and private corner offices, then back to open-concept spaces all over again. And now, because of the COVID-19 pandemic, they’ve changed once more. Instead of gathering in boardrooms and engaging in hands-on brainstorming sessions, we’re joining virtual meetings. Rather than catching up with coworkers in the lunchroom, we’re sharing weekend highlights via messaging apps, email, and Zoom.

HOW TO GET BROADER, DEEPER MITRE ATT&CK COVERAGE BY USING EDR AND NDR TOGETHER

The MITRE ATT&CK Framework has rapidly become the go-to lens through which security operations teams view their ability to detect attacker tactics, techniques, and procedures (TTPs). The ATT&CK Framework comprises 266 (and counting) TTPs across twelve tactic categories from initial compromise through maintaining persistence, defense evasion, and finally impact, spanning the course of a full cyberattack campaign.

Designing Information Barriers in Microsoft Teams for Real-world Collaboration

In the IT and information security world, the need for Information Barriers is becoming more prevalent with the explosion of collaboration tools — in particular, Microsoft Teams. The term has quickly grown beyond its origins in financial services to encompass any policies designed to prevent certain segments of users from communicating with each other or to allow specific segments to communicate only with other specific segments.

NEW ADVANCED ENDPOINT PROTECTION (AEP) COMPARATIVE RATINGS REPORT OUT TODAY

NSS Labs has been testing cybersecurity products and publishing the results for a long time. Our customers are consumers of cybersecurity technology and services: individuals, businesses, and governments. About 10 years ago we introduced a research and advisory service at the request of customers. They wanted to leverage our core technical knowledge and benefit from educated opinions informed over years of testing the world’s cybersecurity products.

Deception Platforms Positioned in the Peak of Inflated Expectations on the Gartner Hype Cycle for Security Operations, 2020

We’re excited to share that Gartner’s latest Hype Cycle for Security Operations, 2020 – available here to Gartner subscribers – has positioned Deception Platforms in the Peak of Inflated Expectations on the Hype Cycle. According to the report, “security operations technologies and services defend IT systems from attack through the identification of threats and exposure to vulnerability, enabling effective response and remediation.

Ectacom HQ Munich

ectacom GmbH
+49 8102 8952-0
Friedrich-Bergius-Str. 12
D-85662 Hohenbrunn
Germany

ECTACOM Vienna

ectacom GmbH
Am Europlatz 2
A-1120 Wien
Austria

ECTACOM POLAND

+48 501 295 580