all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MDATP DarkGate False Positives

Add to bookmarks
Oct. 5, 2023, 12:38 p.m. | /u/DocOfTheSOC

cybersecurity www.reddit.com

Hey guys,

Has anyone else seen MDATP flagging cmd.exe as DarkGate malware on SQL servers? The file hashes come back clean and there are no events to indicate potential compromise. I know they recently posted an article on a new attack vector for lateral movement from SQL servers to cloud. So maybe the detection rules are still being tweaked. [https://www.microsoft.com/en-us/security/blog/2023/10/03/defending-new-vectors-threat-actors-attempt-sql-server-to-cloud-lateral-movement/](https://www.microsoft.com/en-us/security/blog/2023/10/03/defending-new-vectors-threat-actors-attempt-sql-server-to-cloud-lateral-movement/)

Would just like to confirm we aren't the only ones seeing this.

cybersecurity darkgate false positives hey

Visit resource

More from www.reddit.com / cybersecurity

how hard do you think is it to get into penetration testing nowadays 3 hours ago | www.reddit.com
cybersecurity hard penetration penetration testing +1
The Risks of Scattered Logs and Why Centralised SIEM Is Better for Security 6 hours ago | www.reddit.com
companies cybersecurity event event management +21
How-To Install and Setup: Azure Arc, (AMA) Azure Monitor Agent and (DCR) Data Collection Rules … 8 hours ago | www.reddit.com
agent ama arc article +28
Iranian hackers pose as journalists to push backdoor malware 9 hours ago | www.reddit.com
backdoor cybersecurity hackers iranian +3
How deep into certifications should you go at “entry level?” 10 hours ago | www.reddit.com
administration certifications cybersecurity entry +10
Is SOC 2 Report Sufficient for Vendor Risk Management? 17 hours ago | www.reddit.com
application cybersecurity deployment friends +18
Attackers Employ Microsoft Graph API to Evade Detection 19 hours ago | www.reddit.com
api attackers cybersecurity detection +4
Cybersecurity Stash: Your One-Stop Directory for Security Tools and Resources! 19 hours ago | www.reddit.com
cybersecurity directory hey hub +6
I think I blew my last interview 22 hours ago | www.reddit.com
cybersecurity hello interview interviewing +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cybersecurity Consultant

@ Devoteam | Cité Mahrajène, Tunisia
View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Phoenix, AZ, United States
View on infosec-jobs.com

(Senior) Director of Information Governance, Risk, and Compliance

@ SIXT | Munich, Germany
View on infosec-jobs.com

Information System Security Engineer

@ Space Dynamics Laboratory | North Logan, UT
View on infosec-jobs.com

Intelligence Specialist (Threat/DCO) - Level 3

@ Constellation Technologies | Fort Meade, MD
View on infosec-jobs.com

Cybersecurity GRC Specialist (On-site)

@ EnerSys | Reading, PA, US, 19605
View on infosec-jobs.com
View more jobs