Blog  


19 May

A Step-by-step BPFDoor Compromise

During the last few days there have been many articles describing BPFDoor, a UNIX backdoor allegedly used by Chinese threat actors. BPFDoor is a smart backdoor that does not need to open additional ports when the attacker wants to connect to the compromised host.

7 Apr

The Threat Intelligence Lifecycle 2.0

Threat intel is broken. As we’ve spoken about before, generic threat intel wastes a lot of time. It’s not efficient, and often it’s not even effective.

5 Apr

Detecting malicious artifacts using an ETW consumer in kernel mode

As defenders we continue to look for new ways to enhance detection to be able to face the challenges posed by attackers and security researchers innovating and publishing their results.

4 Mar

IOCs from the Attacks on Ukrainian Government Infrastructure

Our deception environments detected a recent attack, dating back to early February 2022, involving threat actors attempting to attack Ukrainian government infrastructure. These actors exploited the CVE-2021-4034 vulnerability in an attempt to run commands as privileged users.

22 Feb

{Webinar} Technical Evidence of Attacks on Ukrainian Government Infrastructure

A recent attack involving threat actors attempting to attack Ukrainian government infrastructure happened in one of our deception environments last week. These actors exploited the CVE-2021-4034 vulnerability in an attempt to run commands as privileged users.
