Blog

CISA Report: Unpatched VPN, Credential Theft Fueled Agency Hack

by Paul Roberts | a day ago

A CISA analysis of a hack of an unnamed federal agency suggests it may have started with the exploitation of a known (and patched) flaw in the Pulse VPN server.

Zerologon is a Big Deal. Here’s Why.

by Paul Roberts | 8 days ago

The Microsoft vulnerability dubbed Zerologon is a critical flaw in Windows Netlogon, rated 10 on a 10-point scale. We explain what you need to know about this serious new vulnerability.

QOMPLX Knowledge: 5 Ways Attackers Bypass Microsoft Azure ATP

by QOMPLX | 14 days ago

Microsoft’s Azure Advanced Threat Protection (ATP) is useful for detecting a range of attacks on Active Directory. But it has some serious shortcomings. Here are five ways attackers bypass ATP to wreak havoc.

Privilege Escalation Features Pop Up In More Malware Variants

by Paul Roberts | a month ago

The new DarkSide ransomware variant and Lucifer’s Spawn, a DDoS and crypto-jacking tool, have one thing in common: privilege escalation features designed to fuel lateral movement.

Konica Minolta Latest Victim of Human Operated Ransomware

by Paul Roberts | a month ago

The new ransomware family RansomEXX is suspected in the hack of Konica Minolta, its second prominent victim in a month. Evidence suggests that human-directed attacks are becoming stealthier and more effective.

QOMPLX Knowledge: Understanding Pass The Hash Attacks

by QOMPLX | a month ago

Pass the Hash attacks are one of the most common methods of lateral movement within compromised IT environments. In this QOMPLX Knowledge blog post, we take a deep dive into this common form of attack.

QOMPLX Knowledge: NTLM Relay Attacks Explained

by QOMPLX | 2 months ago

NTLM relay attacks allow malicious actors to carry out man-in-the-middle attacks to steal hashed versions of user credentials, which are then 'relayed' to access other network resources.

Not Learning from NotPetya: The Truth Behind Recent Ransomware Attacks

by Paul Roberts | 2 months ago

Why do firms like Garmin find themselves in the grips of ransomware cybercriminal groups? A tell-all by a former Maersk employee offers some clues.
