Blogs about Cyber

Card image cap

CISA Report: Unpatched VPN, Credential Theft Fueled Agency Hack

by Paul Roberts | a day ago

A CISA analysis of a hack of an unnamed federal agency suggests it may have started with the exploitation of a known (and patched) flaw in the Pulse VPN server.

READ MORE

Card image cap

Zerologon is a Big Deal. Here’s Why.

by Paul Roberts | 8 days ago

The Microsoft vulnerability dubbed Zerologon is a 10-on-a-10-scale critical flaw in Windows Netlogon. We explain what you need to know about this serious, new vulnerability.

READ MORE

Card image cap

QOMPLX Knowledge: 5 Ways Attackers Bypass Microsoft Azure ATP

by QOMPLX | 14 days ago

Microsoft’s Azure Advanced Threat Protection (ATP) is useful for detecting a range of attacks on Active Directory. But it has some serious shortcomings. Here are five ways attackers bypass ATP to wreak havoc.

READ MORE

Card image cap

Privilege Escalation Features Pop Up In More Malware Variants

by Paul Roberts | a month ago

The new DarkSide ransomware variant and Lucifer’s Spawn, a DDoS and crypto-jacking tool, have one thing in common: privilege escalation features designed to fuel lateral movement.

READ MORE

Card image cap

Konica Minolta Latest Victim of Human Operated Ransomware

by Paul Roberts | a month ago

The new ransomware family RansomEXX is suspected in the hack of Konica Minolta, its second prominent victim in a month. Evidence suggests that human directed attacks are becoming more stealthy and effective.

READ MORE

Card image cap

QOMPLX Knowledge: Understanding Pass The Hash Attacks

by QOMPLX | a month ago

Pass the Hash attacks are one of the most common methods of lateral movement within compromised IT environments. In this QOMPLX Knowledge blog post we do a deep-dive on this common form of attack and lateral movement.

READ MORE

Card image cap

QOMPLX OSINT Expert Joe Gray Quoted on Red Teaming

by QOMPLX | 2 months ago

Joe Gray, Senior OSINT Specialist at QOMPLX, was interviewed about the role of red teaming in cyber defense programs.

READ MORE