Targeted attacks with public tools

  • Process and memory injection
  • Anti-malware evasion
  • File-less attacks (including Microsoft PowerShell)

Toolkit Compromise Rates (with no detection), 2018 – 2019

Shellter

Veil

4%

PowerShell Empire

20%

Blocked or Neutralised = Protection
+ Complete Remediation = Complete Protection

Shellter Detection and Protection Rates

| | 2018 Q1 | 2018 Q2 | 2018 Q3 | 2018 Q4 | 2019 Q1 |
|---|---|---|---|---|---|
| Detection rate | 97% | 95% | 94% | 100% | 96% |
| Protection rate | 79% | 74% | 75% | 88% | 94% |
| Complete protection | 41% | 45% | 49% | 66% | 76% |

Veil Detection and Protection Rates

| | 2018 Q1 | 2018 Q2 | 2018 Q3 | 2018 Q4 |
|---|---|---|---|---|
| Detection | 96% | 96% | 94% | 100% |
| Protection | 81% | 82% | 87% | 92% |
| Complete Protection | 63% | 68% | 70% | 75% |

PowerShell Empire Detection and Protection Rates

| | 2018 Q3 | 2018 Q4 | 2019 Q1 |
|---|---|---|---|
| Detection | 77% | 78% | 86% |
| Protection | 70% | 75% | 86% |
| Complete Protection | 54% | 75% | 60% |

Phantom Evasion Detection and Protection Rates

| | 2019 Q1 |
|---|---|
| Detection | 97% |
| Protection | 91% |
| Complete Protection | 69% |

Metasploit Evasion Detection and Protection Rates

| | 2018 Q4 | 2019 Q1 |
|---|---|---|
| Detection | 100% | 99% |
| Protection | 86% | 94% |
| Complete Protection | 55% | 77% |


*** This is a Security Bloggers Network syndicated blog from SPECIAL EDITION authored by Simon PG Edwards. Read the original post at: http://blog.selabs.uk/2019/08/targeted-attacks-with-public-tools.html