Mimikatz

Threat Analysis Report: Inside the Destructive PYSA Ransomware
Cybereason Global SOC Team | Anti-Ransomware, antivirus, cyberattack, cybercrime, Cybereason Anti-Ransomware Solution, Cybereason Defense Platform, Cybereason XDR Platform, Double Extortion, EDR, Endpoint Controls, Endpoint Protection Platform, EPP, Extended Detection and Response, Koadic, Mespinoza ransomware, microsoft defender, Mimikatz, Multi-Stage Ransomware, Network Security, Next Generation Antivirus, ngav, powershell, PsExec, Pysa ransomware, RansomOps, Ransomware, Threat Alerts, Unified Endpoint Security, XDR
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform about impactful threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them ...

An Inside Look at How Hackers Operate
We’ve all seen shows where a character like The Flash, for instance, needs eyes on a situation to fight the bad guy, and a computer nerd, like Felicity, breaks into Central City’s ...
Security Boulevard

The RastaLabs experience
Introduction: It was 20 November, and I was just starting to wonder what I would do during the next month. I had already left my previous job, and the new one would only ...

Satan ransomware rebrands as 5ss5c ransomware
Bart | 5ss5c, 5SS5C Encoder, 5ss5c ransomware, 5ss5c_CRYPT, 5ss5c_token, [email protected], DBGer ransomware, EternalBlue, Mimikatz, Ransomware, Satan ransomware
The cybercrime group that brought us Satan, DBGer and Lucky ransomware, and perhaps Iron ransomware, has now come up with a new version or rebranding named "5ss5c". In a previous blog post, Satan ...

Why Most Organizations Still Can’t Defend against DCShadow – Part 2
In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you ...

Cryptojacking: An Unwanted Guest
Ratnesh Pandey | ATT&CK, backdoor, Bromium Labs, coin miner, coinminer, cryptojacking, Cryptojacking, CVE-2017-8464, doublepulsar, EquationDrug, EquationGroup, EternalBlue, ETERNALCHAMPION, EternalRomance, Exploit, Malware, masscan, Mimikatz, MITRE, Monero, nsa, ShadowBrokers, SmbTouch, SMBv1, T1031, T1035, T1050, T1053, T1058, T1065, T1089, T1094, T1095, T1105, T1107, T1112, T1128, T1129, TA0001, TA0002, TA0003, TA0004, TA0005, TA0006, TA0007, TA0008, TA0009, TA0010, TA0011, TA0040, techniques, threats, trojan, Winpcap, XMR
We analyse a cryptojacking attack that mines the Monero cryptocurrency. The value of Monero in US dollars has more than doubled over the first half of 2019, from $46 to $98. The ...

Emotet, Lokibot, TrickBot still impacting enterprise environments globally
Filip Truta | Emotet, Industry News, LokiBot, Mimikatz, network, network security analytics, NTA, NTSA, TrickBot, trojan
New research based on observed attack data over the second half of 2018 (2H 2018) reveals the command-and-control and lateral activities of three high-profile pieces of malware targeting large organizations in recent ...

Five Eyes Cybersecurity Agencies Release Report on Hacking Tools
Lucian Constantin | China Chopper, five eyes, hacking tools, HTran, JBiFrost, Mimikatz, PowerShell Empire, threat report
The national cybersecurity agencies of the United States, U.K., Canada, Australia and New Zealand, known in the intelligence world as the Five Eyes, have released a joint report on five publicly available ...
Security Boulevard

toolsmith #132 – The HELK vs APTSimulator – Part 2
Russ McRee | adversary emulation, APTSimulator, Detection, DFIR, elasticsearch, GraphFrame, hadoop, HELK, Jupyter Notebooks, Mimikatz, powershell, PowerSploit, Spark
Continuing where we left off in The HELK vs APTSimulator - Part 1, I will focus our attention on additional, useful HELK features to aid you in your threat hunting practice. HELK ...

toolsmith #131 – The HELK vs APTSimulator – Part 1
Russ McRee | adversary emulation, APTSimulator, Detection, DFIR, HELK, Mimikatz, powershell, PowerSploit
Ladies and gentlemen, for our main attraction, I give you... The HELK vs APTSimulator, in a Death Battle! The late, great Randy "Macho Man" Savage said many things in his day, in his ...