Palo Alto Networks' Unit 42 threat-research team (https://unit42.paloaltonetworks.com/about-unit-42/) was quietly going about its business when it spotted yet another malware sample on VirusTotal (https://www.virustotal.com/gui/home/upload), the community site for scanning suspicious files, domains, IPs and URLs. Indeed, the sample contained a malicious payload associated with Brute Ratel (https://bruteratel.com/), the latest red-team and adversary-simulation tool.

And given that so many of the EDR and AV engines on VirusTotal waved the payload through as clean, it is clearly good at evading detection. (A VirusTotal verdict reflects the static engines the site runs rather than everything a full EDR agent sees on a live host, but it still shows how little those products' signatures had to go on.) While that's good news for security pros and red teams, it's not so good for companies that just want to trust that their EDR and AV tools will keep them safe.

Brute Ratel's creator (https://0xdarkvortex.dev/about/), who tweets as @NinjaParanoid (https://twitter.com/NinjaParanoid) and is a former detection engineer and red teamer for CrowdStrike and Mandiant, immediately responded on Twitter (https://twitter.com/NinjaParanoid/status/1544744698753204225).