Image Defeating EDRs with Office Products January 11, 2022 We identified Ivy framework fileless attack techniques that execute undetected in Microsoft Office. Here's how with suggested security augmentations. See Details Blog
Image Breaking the (WDAPT) Rules with COM May 12, 2021 This article explores gaps that allow for the undetected execution of code on systems protected by Microsoft Defender Advanced Threat Protection. See Details Blog
Image ScareCrow Payload Creation Framework February 03, 2021 ScareCrow is a payload creation framework for generating loaders that side-load (not inject) into a legitimate Windows process (bypassing Application... See Details Tool
Image EDR and Blending In: How Attackers Avoid Getting Caught February 03, 2021 Even when the hooks are removed, defenders can still leverage other EDR functions, such as host isolation for incident triage or remote. See Details Blog
Image Endpoint Detection and Response: How Hackers Have Evolved February 02, 2021 This post identifies systemic endpoint detection and response issues and examines how attackers can bypass any EDR product. See Details Blog
Image DEF CON 2020 Red Team Village Talk - Breaking The Attack Chain September 02, 2020 Two experienced red teamers describe successful engagements and how to counter attack chains. See Details Blog
Image Digging Your Talons In – New Take On Password Guessing June 19, 2020 Talon automates a password guessing technique targeting Kerberos and LDAP within the Windows Active Directory environment. See Details Blog
Image ATT&CK Series: Lateral Movement Techniques June 25, 2019 There are several different methods that adversaries can employ to move throughout a network. However, we will cover two techniques commonly used by.... See Details Blog
Image It’s Not Always About the Perimeter – A Look at Domain Reconnaissance January 29, 2019 In this information age, security threats are commonplace and can be devastating to a business. The ability to quickly and accurately detect cyber.... See Details Blog