Injection Attacks Thwarted Since August; The Minerva Approach Proves Itself Once Again -- Security Today

Injection Attacks Thwarted Since August; The Minerva Approach Proves Itself Once Again

Dec 18, 2020

Minerva Labs has announced that the company conducted a thorough review of the cybersecurity threat exposed by the SolarWinds breach. Minerva Labs reports a dramatic increase in the number of prevented events coming from the “SolarWinds.BusinessLayerHost.exe” process in the past few months.

Researchers suspect that this activity is related to the current event and advise other security vendors to monitor for such behavior. While security vendors published their mitigation recommendations in the past few days, Minerva reports that the company successfully prevented related attempts since August 2020.

Here’s an example of a prevented memory injection attack in Minerva’s interface:

Example #1:

Minerva Labs

Example #2:

Minerva Labs

As detailed by FireEye’s report (which can be found here), the malicious backdoor refuses to work when certain blacklisted processes are present in the operating system, proving once again the effectiveness of the Minerva approach and the Hostile Environment Simulation module which is one of the main parts of Minerva’s pre-execution threat prevention platform. Thousands of such artifacts simulate the presence of security and forensics tools that creates an environment in which malware refrains from executing.

Featured

AI Used as Part of Sophisticated Espionage Campaign

A cybersecurity inflection point has been reached in which AI models has become genuinely useful in cybersecurity operation. But to no surprise, they can used for both good works and ill will. Systemic evaluations show cyber capabilities double in six months, and they have been tracking real-world cyberattacks showing how malicious actors were using AI capabilities. These capabilities were predicted and are expected to evolve, but what stood out for researchers was how quickly they have done so, at scale. Read Now
- Artificial Intelligence
Why the Future of Video Security Is Happening Outside the Cloud

For years, the cloud has captivated the physical security industry. And for good reasons. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. Read Now
- Video Surveillance
UL Solutions Launches Artificial Intelligence Safety Certification Services

UL Solutions Inc., a global leader in safety science, today announced the launch of artificial intelligence (AI) safety certification services, enabling comprehensive assessments for evaluating the safety of AI-powered products. Read Now
- Artificial Intelligence
ESA Announces Initiative to Introduce the SECURE Act in State Legislatures

The Electronic Security Association (ESA), the national voice for the electronic security and life safety industry, has announced plans to introduce the SECURE Act in state legislatures across the country beginning in 2025. The proposal, known as Safeguarding Election Candidates Using Reasonable Expenditures, provides a clear framework that allows candidates and elected officials to use campaign funds for professional security services. Read Now
- Guard Services
Ransomware Attacks Rise for the First Time in Six Months

Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

QCS7230 System-on-Chip (SoC)

The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.
FEP GameChanger

Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.
Connect ONE®

Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.