ReaQta has found evidence of an active Gootkit trojan campaign with focus on Italian government institutions. We began tracking the campaign since the end of November 2018 and so far it showed a very low detection rate.
Continue reading “Gootkit Campaign Targeting Italian Government Institutions”
Proactive Threat Hunting helps in the early detection of new threats and in the discovery of weak spots that can be leveraged by an attacker to gain or maintain access to an infrastructure. Traditional IOCs, combined with ATT&CK Mitre TTPs and Artificial Intelligence for discovery of new behaviors raises the bar for the attackers, helping responders to identify breaches at a very early stage, enabling them to contain and mitigate the attacks quickly and effectively.
Continue reading “Proactive Threat Hunting with A.I.”
Mavinject is a legitimate Windows component that can be used, and abused, to perform arbitrary code injections inside any running process. As this is a common component on Windows, it can be leveraged to perform living-off-the-land attacks.
Continue reading “From False Positive to True Positive: the story of Mavinject.exe, the Microsoft Injector”
Cyber security is a hot topic. Quite frankly it always was an interesting subject, though today threats have been advancing at an alarming rate, companies are increasingly more concerned about their data, especially after the amount of data breaches reported this year and actively pursuing strategies to build better guards for their intellectual property.
Continue reading “Must know before buying an endpoint security system”