We have published the YARA rule to detect Cisco CVE-2023-20178 Proof-of-concept exploit code. This is PoC for Arbitrary File Delete vulnerability in Cisco Secure Client (tested on 5.0.01242) and Cisco AnyConnect (tested on 4.10.06079).

Binalyze AIR 😍

🚨 Transform your corporate security posture with the world's most powerful DFIR suite - unlock state-of-the-art digital forensics and incident response NOW with a FREE demo or 14-day trial. Click the link for details! 🔒 ow.ly/Qh3050OZ4hq #DFIR #IncidentResponse

Binalyze Secures $19 Million in Series A Funding Led by Molten Ventures with participation from Earlybird Digital East and OpenOcean, and new investors Cisco Investments, Citibank Ventures, and Deutsche Bank Ventures. ow.ly/lyj150PK8g5 #DFIR #News #Cybersecurity

We are bringing #DetectionEngineering to #DFIR. With a tiny bit of #DataScience. It's neither #YARA, nor Sigma, btw.😎 #ThreatHunting

Bad guys are clever, but not enough for Binalyze and our powerful Dynamo engine. Crypto miner using a huge file to evade detection. No #Yara, just a little bit of #DFIR. #ThreatHunting

Binalyze MITRE ATT&CK Analyzer version 2.2.0 has just been released, and it comes packed with some fantastic updates! In this latest release, we've made significant improvements to enhance your threat detection capabilities. Here are the key highlights: Dynamo Enhancements: ✅

MITRE ATT&CK Analyzer version 2.5.0 from Binalyze is out now. Update highlights: ✅Yara: Added detection for various malware families observed in recent reports. ✅Enhanced detection of various techniques used for obfuscation, masquerading, initial access, fileless malware

Serious Yara question: Why do you use the filesize in conditions? Since Yara evaluates it after having searched all the strings, what benefit do you have from that?

Welcome to the future of YARA: virustotal.github.io/yara-x/blog/ya…