Our highly experienced and diverse researchers are fluent in security intelligence practices, combining expertise in private security, military, and intelligence experience. Continuously examining the cyber-threat landscape, our experts deliver in-depth visibility into today’s threats and the actors behind them.
Introduction On March 2nd Microsoft announced that a Chinese Nation-State actor they called HAFNIUM had been utilizing four zero-day vulnerabilities on premises version of Microsoft Exchange. Microsoft and other researchers say that the Chinese government had successfully penetrated and expanded into around 60,000 companies, globally. Microsoft released a patch on the same day of the announcement. Being well thought out and planned, the attack established backdoors that remain even if the.
Compromising a Domain With the Help of a Spooler My job in the Cymulate Research Lab is to craft and implement attack scenarios for Cymulate customers to launch in their environment and increase their cyber-resilience. In this tech-blog post I will show how an attacker can gain access to corporate assets from an initial foothold by combining multiple techniques. The scenario is performed in two stages. In the first stage we will abuse unconstrained delegation and use techniques to enumerate.
Originally an offshoot of CrySiS, the Dharma ransomware family has brought forth a new variant, as part of its ongoing creation of new strains. In this blog post, we analyze the latest variant found in the wild by malware researcher Jakub Kroustek. Cymulate customers can check if they are vulnerable to this threat by running an Immediate Threat Intelligence simulation of this variant, uploaded to the dashboard on 28th July 2019. (Login to the dashboard here.) Overview Dharma has been operating.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips