the Lab

Get all the information you need to help your security teams analyse cyber attacks technically.

– Gatewatcher technical teams
Alert
CVE
CVE-2024-21591: Junos Jweb RCE OOB write
On January 10, 2024, Juniper issued a security bulletin regarding a vulnerability in the web interface of their SRX (firewall) and EX (switch) series devices.
Alert, Alert bulletin
CVE
CVE-2023-46805 / CVE-2024-21887 Ivanti 
Summary of the Ivanti alert on vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure Gateways.
Report
CTI
Cyber Threats Semester Report – January to June 2023
Read the latest report from our Purple Team experts who continually analyse cyber threats based on the rich telemetry of Gatewatcher’s NDR and CTI platforms.
Detection
Blog article
ZIP files, make it bigger to avoid EDR detection
Our Purple Team analysts have spotted a number of anomalies concerning ZIP files.
Alert
CVE
CVE-2023-40044: Progress WS_FTP
On 23 September 2023, Progress published a series of eight vulnerabilities ranging from medium (CVSSv3.1: 5.3) to critical (CVSSv3.1: 10) in the WS_FTP software.
Alert
CVE
CVE Junos SRX/EX vulnerability chains to RCE
The CVSS rating system, which is useful for exchanging information about a given vulnerability, has certain limitations, such as those published by Juniper.
Detection
Blog article
Benefits of a UEBA approach
In a supply chain context, UEBA – User Entity Behavior Analytics – tools are now a real asset, as they analyse user and entity behaviour in order to identify malicious behaviour.
Report
CTI
Cyber Threats Semester Report – July to December 2022
To maintain an optimum level of protection, our Purple Team experts continually analyse cyber threats based on the rich telemetry of Gatewatcher’s NDR and CTI platforms. The Cyber Threats Semester Report (CTSR) is the result of their observations and provides a comprehensive analysis of the period from July to December 2022: the most significant malware, trends in TTPs, the most active threat actors, the main sectors targeted, etc.
Alert
CVE
CVE-2023-3519: Citrix ADC / Gateway remote code execution
On 18 July 2023, Citrix published a security warning concerning the Netscaler ADC and Netscaler Gateway products.
Cybersecurity, Detection
Alert notice
Security advisory – Volt Typhoon on the rise due to “living-off-the-land” attacks
Last May, the US and international cybersecurity authorities jointly published a cybersecurity advisory to warn of Volt Typhoon, a group that appears to be backed by the state of the People’s Republic of China.
Cybersecurity
TTPs
Cryptominer: Detecting a growing source of revenue for cyber attackers
As the digital environment becomes increasingly secure, how can you detect the illicit use of cryptominers on networks?
Detection
Machine Learning
Which way to go for machine learning in cybersecurity anomaly detection?
How is machine learning used to detect DGAs, malicious powershells or phishing URLs?