From SIEM to Ticketing: Streamlining Security Operations with Cado’s Export Capabilities
Cado’s export capabilities enhance security operations by streamlining data flow between SIEMs, ticketing systems, and forensic platforms. This integration reduces manual errors, improves efficiency, and ensures timely incident resolution. Affected: Cado platform, SIEMs, ticketing systems

Keypoints:

Modern SOCs face challenges with manual data transfers and incompatible formats.…
From Data Capture to Analysis: How Cado Simplifies Cloud Investigations
Cado is a cloud investigation platform designed to simplify and accelerate forensic investigations across multi-cloud and hybrid environments. By automating data capture and providing unified visibility, Cado enables security teams to focus on understanding incidents and mitigating threats efficiently. Affected: AWS, Azure, GCP

Keypoints:

Cado streamlines forensic investigations by automating data capture from various platforms.…
Understanding the Technology that Powers the Cado Platform
The Cado platform revolutionizes cloud forensics and incident response by leveraging cloud-native architecture, integrating threat intelligence, and utilizing AI for faster investigations. This approach significantly reduces the time needed to respond to security incidents, enhances the context of alerts, and improves overall security readiness. Affected: AWS, Azure, GCP

Keypoints:

The Cado platform is designed for multi-cloud environments, specifically AWS, Azure, and GCP.…
Summary: Cado Security Labs has uncovered a sophisticated scam targeting Web3 professionals, involving a crypto stealer named Realst. The threat actors create fake companies and websites using AI-generated content to lure victims into downloading malicious software. This campaign has been active for about four months, with the malware capable of stealing sensitive information from both macOS and Windows systems.…

Summary:

Cado Security Labs has uncovered a GuLoader campaign targeting European industrial and engineering firms, utilizing evasive techniques to deliver Remote Access Trojans (RATs) through spearphishing emails. The campaign employs obfuscated PowerShell scripts and sophisticated evasion methods to bypass detection.

Keypoints:

GuLoader is an evasive shellcode downloader used since 2019.…
Introduction

Cado Security Labs researchers have recently encountered an emerging malware campaign targeting misconfigured servers running the following web-facing services:

The campaign utilises a number of unique and unreported payloads, including four Golang binaries, that serve as tools to automate the discovery and infection of hosts running the above services.…

Introduction

Cado Security Labs researchers have recently encountered a novel malware campaign targeting Redis for initial access. Whilst Redis is no stranger to exploitation by Linux and cloud-focused attackers, this particular campaign involves the use of a number of novel system weakening techniques against the data store itself. …
