- New Infographic breaks down the key attack stages and specific detections revealed by Bitdefender solutions
- Visually summarizes our detailed exposé of a Chinese APT group targeting Southeast Asian governments
- Bitdefender technology detects the malicious payloads and maps the behavior in each attack stage
- Proves the value of Endpoint Detection & Response, Managed Detection & Response and MSP solutions
All about Virtualization and Cloud Security | Recent Articles:
- Detailed exposé of a potential Chinese APT group targeting Southeast Asian governments
- Extensive custom toolset designed for reconnaissance, data exploration and exfiltration
- Sophisticated and distributed attack infrastructure remains partially operational to this day
- Bitdefender technology detects the malicious payloads and maps the behavior in each stage of the attack
New APT Campaign Investigation Reveal on November 17th: Dissecting a Chinese APT Targeting Southeast Asian Government Institutions
Nov 09 by Michael Rosen
- Bitdefender unveils a long-running cyberespionage campaign against high-profile government targets
- Dive into the detailed attack timeline and learn the attacker tactics, techniques and procedures (TTPs)
- Explore applicable security use cases and security hygiene to keep you safe from sophisticated attacks
HVI Blocks SIGRed, Prevents Zero-Day Execution from Suspicious Memory Regions
Jul 16 by Michael Rosen
- Windows DNS server remote code execution vulnerability permits full takeover of infected systems
- Wormable exploits can spread via malware between vulnerable computers without user interaction
- SIGRed vulnerability impacts nearly all versions of DNS in Windows Server dating back over 17 years
- Hypervisor Introspection (HVI) prevents zero-day code execution from suspicious memory regions
On July 14, Microsoft published Security Vulnerability CVE-2020-1350 describing a longstanding, broad-based Windows DNS server remote code execution vulnerability whereby Windows Domain Name servers fail to properly handle malformed DNS requests, allowing an attacker to corrupt memory and run arbitrary code in the context of the Local System Account. All Windows servers that are configured as DNS servers are at risk from this critical (CVSS 10) vulnerability—which Microsoft acknowledges dates back at least 17 years—putting directly at risk multiple versions of Windows Server 2008, 2012, 2016, and 2019 in widespread production worldwide.
- Managed Detection and Response is one of the fastest growing areas of cybersecurity with a 30.4% CAGR
- Huge revenue opportunity with MDR for MSPs to help customers that lack extended security teams
- Opportunities involving MDR tend to be larger, stickier, and foster deeper customer relationships than tools
- MDR solves key customer gaps in alert response management, technical skills, and overall security outcomes
MSPs, are you thinking about jumping into managed security services?
- Managed detection and response programs vary widely so carefully evaluate service provider competencies
- Beware of buzzwords in MDR vendor claims that provide little insight into their true service capabilities
- Focus your MDR goals on achieving superior security outcomes, not just on managing the flow of alerts
- Effective MDR integrates people, processes, and technology to provide wide coverage at an affordable cost
- Linux Server security historically pales in comparison to what has long been available for Windows Servers
- Transient containers frequently run the most sensitive business workloads yet are blind to security teams
- Security often breaks when upgrading server OS or changing multi-distro Linux configurations
- Server Security for Linux and Containers Beta Evaluation Program enrolling now
- EDR alerts require rapid and thorough investigation and response to deliver beneficial security outcomes
- Your business may be at risk and attackers can sneak in and remain if you don’t keep on top of your alerts
- Upgrading to MDR lets you quickly and painlessly add network security analytics visibility to your defenses
- MDR brings critical security response capabilities found at Fortune 500 companies to midmarket customers
Raising defenses to meet the demands of the changing threatscape
- Managed detection and response services vary widely so carefully evaluate competencies against your needs
- MDR delivery and execution success depends on the service provider’s people, processes, and technology
- Effective response requires game-planning pre-approved actions and escalations for foreseeable events
- Security’s challenge is matching awareness of external threats to internal goals and the ability to execute
- Managed Detection and Response addresses key customer gaps in visibility, alerts, skills, and outcomes
- Outsourcing security operations to a managed SOC allows internal teams to focus on higher-value projects
- New remote memory corruption vulnerability in Internet Explorer browsers allows for full takeover of infected systems
- Bitdefender has confirmed exploitation in the wild of CVE-2020-0674 with analysis of 2 distinct executable payloads
- Hypervisor Introspection delivers true zero-day protection by preventing all common memory exploit techniques
- Bitdefender announces the general availability release of GravityZone Sandbox Analyzer On-Premises
- Automates suspicious file submission from standard ICAP clients including web, email, and cloud gateways
- Improves targeted attack detection through Golden Image management and parallel sample detonation