News

Positive Technologies has released version 6.1 of MaxPatrol SIEM. In the new version, users can quickly find and update IT assets with outdated data, store incidents in PostgreSQL, and monitor correlator loads.

Positive Technologies has released the next version of PT Network Attack Discovery (10.1), a system for deep traffic analysis. With it, you can detect attacks using new analytics modules, collect up-to-date information about network hosts, and centrally learn about detected threats in a single feed.

Positive Technologies experts have analyzed the results of network activity monitoring at 41 companies where PT Network Attack Discovery (PT NAD) was deployed as pilot project . The experts detected suspicious network activity at most companies. Malware was identified at each industrial company and government institution.

The Server-Side Request Forgery (SSRF) vulnerability identified in IBM QRadar SIEM by Positive Technologies expert Mikhail Klyuchnikov has an average severity level (CVSS 5.4). The IBM QRadar SIEM event monitoring and correlation system is one of the world's leading SIEM systems.

Now-fixed vulnerabilities enabled local privilege escalation

The RCE vulnerability allows attackers to execute arbitrary commands on the server, compromising the vCenter Server, and gain access to sensitive data

A vulnerability in the data replication tool allowed remote command execution on the server

Threat actors combine sandbox evasion and anti-analysis methods in malware distribution

Positive Technologies’ experts have analyzed the ten most active forums on the dark web, which offer services for hacking websites, buying and selling databases, and accessing web resources . The research found that in the vast majority of cases on these forums, most individuals are looking for a hacker, and in 7 out of 10 ads, their main goal is to gain access to a web resource.

Remote code execution and interception of administrator accounts were among the threats found