Unveiling Remcos RAT & PowerShell Bypasses | Threat Detection Highlights (June 2024 Edition)

  • Added 24. 06. 2024
  • As part of our ongoing efforts to monitor and combat evolving threats, we are excited to present the June edition of our webinar series. In this 30-minute session, we'll showcase the latest enhancements in our sandboxing and threat analysis tool, including new VTIs for identifying evasive threats, smart link detonation rules for spotting hidden phishing links, and upgraded capabilities for detecting and analyzing Remcos RAT.
    In this webinar, you will learn:
    - Upgraded #Remcos RAT Config Extractor: Explore the updated configuration extractor for Remcos RAT, offering better IOC extraction and detailed reporting on this widespread remote access threat.
    - New VTI for #powershell Execution Policy Bypass: Dive into the new VTI that detects PowerShell running with its execution policy set to "Bypass", a tactic frequently used by malware to execute without restrictions.
    - Detection of DocuSign & PDF #phishing: Gain insights into new rules designed to identify threats within Adobe Acrobat PDFs and phishing attempts that mimic DocuSign pages.
    PLUS, a quick look at the new Integrated @Sentinelone-inc EDR Connector: Built directly into VMRay, it automatically picks up incidents from SentinelOne and submits them to the Platform, eliminating the need for manual sample submission for enrichment.