The Lab

Bulletin d’alerte

CVE

Test Lab

Titre résumé

Report

CTI

Cyber Threats Semester Report – January to June 2023

Read the latest report from our Purple Team experts who continually analyse cyber threats based on the rich telemetry of Gatewatcher’s NDR and CTI platforms.

Detection

Blog article

ZIP files, make it bigger to avoid EDR detection

Our Purple Team analysts have spotted a number of anomalies concerning ZIP files.

Alert

CVE

CVE-2023-40044: Progress WS_FTP

On 23 September 2023, Progress published a series of eight vulnerabilities ranging from medium (CVSS3.1: 5.3) to critical (CVSSv3.1: 10) in the WS_FTP software.

Alert

CVE

CVE Junos SRX/EX vulnerability chains to RCE

The CVSS rating system, which is useful for exchanging information about a given vulnerability, has certain limitations, such as those published by Juniper.

Detection

Blog article

Benefits of a UEBA approach

In a supply chain context, UEBA – User Entity Behavior Analytics – tools are now a real asset, as they analyse user and entity behaviour in order to identify malicious behaviour.

Report

CTI

Cyber Threats Semester Report – July to December 2022

To maintain an optimum level of protection, our Purple Team experts continually analyse cyber threats based on the rich telemetry of Gatewatcher’s NDR and CTI platforms. The Cyber Threats Semester Report (CTSR) is the result of their observations and provides a comprehensive analysis of the period from July to December 2022: the most significant malware, trends in TTPs, the most active threat actors, the main sectors targeted, etc.

Alert

CVE

CVE 2023-3519 : Citrix ADC / Gateway remote code execution

On 18 July 2023, Citrix published a security warning concerning the Netscaler ADC and Netscaler Gateway products.

Cybersecurity,Detection

Alert notice

Security advisory – Volt Typhoon on the rise due to “living-off-the-land” attacks

Last May, the US and international cybersecurity authorities jointly published a cybersecurity advisory to warn of Volt Typhoon, a group that appears to be backed by the state of the People’s Republic of China.

Cybersecurity

TTPs

Cryptominer: Detecting a growing source of revenue for cyber attackers

As the digital environment becomes increasingly secure, how can you detect the illicit use of cryptominers on networks?

Detection

Machine Learning

Which way to go for machine learning in cybersecurity anomaly detection?

How is machine learning used to detect DGAs, malicious powershells or phishing URLs?

Report

CTI

Cyber Threats Semester Report – January to June 2022

To maintain an optimum level of protection, our Purple Team experts continually analyse cyber threats based on the rich telemetry of Gatewatcher’s NDR and CTI platforms. The Cyber Threats Semester Report (CTSR) is the result of their observations and provides a comprehensive analysis of the period from January to June 2022: the most significant malware, trends in TTPs, the most active threat actors, the main sectors targeted, etc.

Develop and improve my detection and protection capabilities

Master and control my uses and my data

Building my cyber ecosystem based on a NDR

Proactively identify cyber threats

Understand the digital blueprint of my organisation

Protect my cloud environment

Adapt detection to my specific environments

Network Detection and Response NDR

Cyber Threat Intelligence – CTI

Gatewatcher TAP

Categories

Tags