Turning evasion into detection: Varonis Jitter-Trap redefines beacon defense
Organizations may soon be able to detect in real time stealthy “beacons,” like Cobalt Strike, Sliver, Empire, Mythic, and Havoc.
Varonis Threat Labs has unveiled Jitter-Trap, a clever new technique that, the company claims, turns attackers’ own dodgy tactics against them by detecting the randomness cybercriminals use to stay hidden.
“Leveraging the randomness (jitter) that threat actors intentionally introduce to evade detection is definitely a novel approach to detect stealthy beacon traffic used in post-exploitation and command-and-control (C2) communications during cyberattacks,” said Agnidipta Sarkar, chief evangelist at ColorTokens Inc. “However, because jitters occur later in the attack cycle, detecting post-exploitation C2 communications cannot identify the initial compromise.”
According to Varonis, these post-exploitation tools inject random delays (jitter) into their check-ins, hoping to blend in with normal traffic. This ‘natural’ randomness, however, leaves a fingerprint that Jitter-Trap can detect and flag.
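To illustrate how injected jitter can itself become a fingerprint, here is an added example that is not Varonis's code and does not claim to reproduce Jitter-Trap's actual method. It assumes the delay between check-ins is drawn uniformly from a bounded window; the thresholds, function names and sample flows are constructed for this illustration.

```python
import random
from itertools import accumulate

def ks_vs_uniform(deltas):
    """Kolmogorov-Smirnov distance between the deltas and a uniform
    distribution spanning their observed min..max."""
    xs = sorted(deltas)
    n, lo, hi = len(xs), xs[0], xs[-1]
    d = 0.0
    for i, x in enumerate(xs):
        cdf = (x - lo) / (hi - lo)
        d = max(d, abs(cdf - i / n), abs((i + 1) / n - cdf))
    return d

def classify(timestamps, min_events=30, ks_max=0.15):
    """Label one host-to-destination flow by the shape of its check-in gaps.
    min_events and ks_max are illustrative thresholds, not tuned values."""
    ts = sorted(timestamps)
    deltas = [b - a for a, b in zip(ts, ts[1:])]
    if len(deltas) < min_events:
        return "insufficient-data"
    lo, hi = min(deltas), max(deltas)
    if hi - lo <= 0.01 * hi:
        return "fixed-interval"   # classic beacon with no jitter
    if ks_vs_uniform(deltas) <= ks_max:
        return "uniform-jitter"   # gaps spread evenly inside a bounded window
    return "irregular"            # bursty, heavy-tailed gaps typical of people

# Constructed sample flows (seconds since first connection), seeded for repeatability.
rng = random.Random(7)
# Assumed beacon profile: 60 s sleep shortened by up to 30 percent at random.
JITTERED = list(accumulate((rng.uniform(42, 60) for _ in range(200)), initial=0.0))
FIXED = list(accumulate([60.0] * 200, initial=0.0))
# Stand-in for user-driven traffic: exponentially distributed gaps, mean 60 s.
BROWSING = list(accumulate((rng.expovariate(1 / 60) for _ in range(200)), initial=0.0))

if __name__ == "__main__":
    for name, flow in [("jittered", JITTERED), ("fixed", FIXED), ("browsing", BROWSING)]:
        print(f"{name:9s} -> {classify(flow)}")
```

In practice the timestamps would come from proxy, DNS or NetFlow records grouped per source and destination, and a match is a lead for triage rather than a verdict.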