Blog
Find all the latest cybersecurity news decrypted and analyzed by Gatewatcher experts!

Cryptominer: Detecting a growing source of revenue for cyber attackers
In a context of securing its digital environment, the increase in the price

Which way to go for machine learning in cybersecurity anomaly detection?
Introduction: In a previous article (Artificial Intelligence and Cybersecurity: the role of machine

CVE-2021-21974 – VMware ESXi OpenSLP heap-overflow vulnerability
WHY RETURN TO A 2021 VULNERABILITY? After the return of the CVE-2021-35394 vulnerability

Better detect CVE-2021-35394 Realtek Jungle SDK with Gatewatcher’s Purple Team
CVE-2021-35394: Realtek Jungle SDK version v2.x up to v3.4.14B multiple memory corruption

Malware Analysis: RecordBreaker
Introduction: RecordBreaker is the successor of Raccoon Stealer and is often referred

My traffic is encrypted, an NDR won’t see anything… Wanna bet?
In this world of permanent and increasingly sophisticated cyber-attacks, it seems essential to

Everything can be bought on the Dark web
For several months, we have seen an increase in the number of cyber-attacks

Hunting Advanced BotNets with NDR Solutions
Botnets are everywhere and play a crucial part in the kill-chain process in

Malware Analysis Lyceum
Lyceum is an APT group mostly active in the Middle East, targeting energy

Building a Debian rootfs from an unprivileged user with debootstrap
At Gatewatcher, we put effort into making our build system reproducible and working

Security operations: New terminologies for old problems?
6 EASY STEPS DECISION-MAKERS SHOULD EMPHASIZE IN THE ORIENTATION & DECISION-MAKING PROCESS The

Time for vacation? Check out our Summer Cyber Tips
Because cybercriminals do not take a break even during the summer, Gatewatcher gives

Reasons why organizations are choosing a new breed of NDR
It’s noteworthy. In just seven years, our self-funded cyber security company has managed

How to detect the Spring4Shell CVE?
As of March 30, 2022, a vulnerability in the Spring framework has been

Malware Agent Tesla
Agent Tesla is a .NET based trojan and credential stealer first seen in

How do EDR and NDR complement each other?
For a long time we had a debate about “stateful or stateless firewall”,

Detecting Log4Shell on networks monitored by Trackwatch
On Thursday, December 9, 2021, a remote code execution (RCE) vulnerability (dubbed Log4Shell

Cybersecurity challenges for companies
The security market has seen revelations in recent years. Although they were widely

New Year’s resolutions and best IT practices
A new year means good resolutions. And this also applies to cybersecurity

Detection probes: performance, evaluation and bias
Published on Connect (Diamond) by Florian Maury/Gatewatcher. In April 2019, the ANSSI qualified