Important news and updates from the Cymulate Team.
- 7 Topics
- 5 Replies
On August 21, 2023 we uploaded an Immediate Threat by the name “MoustachedBouncer Targets Diplomats In Belarus” which included several Indicators of Compromise (IOCs). Within the associated IOCs which were uploaded, there were 2 that are not malicious URLs and are legitimate Microsoft URLs. The following URLs are not malicious:
http://msftconnecttest.com/redirect
http://msftconnecttest.com/connecttest.txt
We have removed this Immediate Threat as well as the reports associated with it. Please ensure that these URLs are accessible from your organization. We apologize for any inconvenience. Best, The Cymulate Team
We're absolutely thrilled to have you join us, whether you're a seasoned Cymulator or just taking your first steps. This vibrant community is where industry professionals like yourself come together to share knowledge, exchange brilliant ideas, and elevate your expertise to new heights. As members of the Cymulate community, you gain access to an array of exclusive benefits. Here's a glimpse of the thrilling perks that await you:
🔒 Stay Ahead of the Curve: Our community provides a one-of-a-kind opportunity to stay on the cutting edge of the ever-evolving cybersecurity landscape. Be at the forefront of the latest trends, techniques, and challenges, ensuring you stay ahead of the curve in this dynamic field.
🤝 Connect and Collaborate: Forge meaningful connections with like-minded enthusiasts, seasoned experts, and brilliant thought leaders. Connect with digital security professionals from around the globe, collaborate on exciting projects, and engage in stimulating discussions that expan
IMPORTANT: New EDR evasion vulnerability and proof of concept techniques uncovered by Cymulate. Test to see if you are vulnerable.
Cymulate Discovers Proof of Concept Exploit That Gets Around Many EDR Vendors
Cymulate, through its Cymulate Offensive Research Group, has uncovered an exploit technique they have named BlindSide that can be used in Windows operating systems to push malicious code past many EDR vendors. EDR vendors generally have two different ways to attach to Windows OS. They're tying the EDR to ETW telemetry data or they can use DLL hooking. In the case of EDR vendors who use DLL hooking, Ilan Kalendarov, lead researcher for the Cymulate Offensive Research Group, uncovered you can use Windows OS’ and use a hardware breakpoint and debug register used with x86 and x64 processors to inject commands and prevent EDR scanning and protection from occurring. When enabled, he was able to start a new process in debug mode and load it without the hooked EDR and other processes. This is an evasion technique that works against EDR vendors who use DLL hooking and would prevent malicious code from being seen. For a
✅ Cisco success story.
🎯 Russian propaganda gives away the location of the infamous Wagner group HQ in Ukraine.
⚠️ Microsoft critical new recommendations for running Microsoft Exchange.
https://www.linkedin.com/posts/cymulate_hi-welcome-to-the-cymulate-cybersecurity-activity-6965308053411741697-hTHD?utm_source=linkedin_share&utm_medium=member_desktop_web
Hey Hat-Trickers! We are excited to announce the top community contributors for the last quarter of 2021: @Aayush @David_Barrientos @PickleRick @Adrian_Richings @Michael_YNWA Thank you to these people who have done a lot to help others in the community. Your contributions are appreciated. Everyone on the list has been contacted with a cool giveaway! Want to be on this list and win cool stuff? Become a top contributor by answering users' questions and adding your own content. Feel free to DM me for more details. I wish you the best of holidays and keep up the great work! 🎄🎊
Hello, dear members! I'm Idan, and I'm the Product Community Manager here at Cymulate. I am so happy to be here and I am looking forward to getting to know you soon. Among my responsibilities is to facilitate communication between you and Cymulate, as well as to provide assistance to you in making the most of this tool by learning from each other and from our professional team. Please feel free to ask questions, to add your own content and to participate in conversations. The Hat Trick community is for you - if you have any ideas about what should be added, let me know! You are welcome to edit your profile and to add your name and workplace so that we can learn more about you. Thank you again for joining us! I can’t wait to get to know you all. Cheers! Idan