EMPRESA SEGURA - ISH Tecnologia

There is a MITRE sub-technique for injecting DLLs, called DLL Hijacking. And in this post, you'll find a theoretical explanation and a simple proof of concept, with a DLL programmed in C++ that opens the Windows calculator...

February 10th, 2022December 10th, 2024

Jaqueline SantosBlog, Trends

The TOP 10 Windows versions with the most patches and how to update them

By Átila Altoé and Laura Cardillo It's now a Microsoft tradition to release updates for different editions of the operating system every Tuesday. That's why it's known as Patch Tuesday. And this week, we found out which 10 versions of Windows...

January 6th, 2022December 10th, 2024

Jaqueline SantosBlog, Insider

The turn of the year was marked by e-mail problems on Exchange servers

By Alexandre Siviero, Atila Altoé and Laura Cardillo As soon as 2022 began, a problem in the component that scans attachments in emails on Exchange servers interrupted the messaging queues. One interesting point was the similarity of the programming flaw...

October 27th, 2021December 10th, 2024

Jaqueline SantosInsider, Blog

Group involved in SolarWinds case makes new attacks on supply chain

Nobelium, the group involved in the SolarWinds case, is replicating tactics from previous supply chain attacks with new approaches. Such attacks have been taking place in the United States and Europe since May 2021....

group that attacked the Colonial Pipeline

May 24, 2021December 10th, 2024

Jaqueline SantosBlog, Insider, On-the-go, Trends

We explain how the group that attacked Colonial Pipeline operates; 13% of the victims were Brazilian companies

In recent days, the whole world has heard about the group that attacked Colonial Pipeline, called the DarkSide Ransomware Group. The attacks on large companies amounted to around U$90 million in Bitcoin. There have been at least 47 companies in the last 9...

May 19th, 2021December 10th, 2024

Jaqueline SantosBlog, General, Insider, Trends

The Colonial Pipeline case shows that ransomware is more sophisticated; so is protecting yourself from it

When a giant like Colonial Pipeline, the largest oil pipeline operator in the United States, falls victim to ransomware with such catastrophic results, even triggering a crisis in the fuel market, the warning goes out to all other companies, from...

ongoing phishing campaign using Trickbot

April 8th, 2021December 10th, 2024

Jaqueline SantosBlog, Insider, Insights

We have identified a scam using Trickbot and here are our recommendations

ISH's threat intelligence team has detected an ongoing phishing campaign using Trickbot, a sophisticated Trojan first identified in 2016 and constantly updated. Trickbot is used to steal information from...

March 11, 2021December 10th, 2024

Jaqueline SantosBlog, Insider, Insights

This is one of the biggest costs in the event of a ransomware attack

Companies that are victims of a ransomware attack can take days, sometimes even weeks, to restore their systems after an event. And downtime can be very expensive. If services and operations are interrupted, there are many...

The key to security is threat response time

January 5th, 2021December 10th, 2024

Jaqueline SantosBlog, Trends

The key to containing attacks is the speed of the response time to threats

The impact of a cyber attack is measured by how long an attacker remains in a company's systems unnoticed. The longer inside an environment, the more access to critical systems. Therefore, the key to containing attacks...

It's not digital security in Brazil that needs to evolve, but the mentality

November 12th, 2020December 10th, 2024

Jaqueline SantosBlog, Insider, Insights, On-the-go, Trends

It's not digital security in Brazil that needs to evolve, but the mentality

It's not digital security in Brazil that needs to evolve, but the mentality. Today we have at our disposal the same technologies used in other countries. What has advanced abroad, and not here, is that companies and institutions don't...

1 2 3 4 5 6

DLL Hijacking - injecting DLLs for evasion and persistence