EDR

WDigest credential harvesting

WDigest, a legacy authentication protocol that is still in use on many corporate networks, presents opportunities for attackers to acquire passwords. Its abuse essentially nullifies…


Motivated miners

In recent months, multiple security vendors published articles about “motivated miners”—attackers who take advantage of tools, techniques, and procedures (TTPs) developed by advanced threat actors…


CVE-2018-15982 exploit attacks

In late November 2018, a targeted attack against a medical institution in Russia exploited CVE-2018-15982, a zero-day remote code execution vulnerability in Adobe Flash Player. Adobe…


Windows 7 zero-day for CVE-2019-0808

Researchers from Google's Threat Analysis Group notified Microsoft that they discovered evidence of a zero-day exploit active in the wild since late February 2019. The…


WinRAR CVE-2018-20250 exploit

On February 20, 2019, researchers from Check Point Software Technologies revealed a flaw in WinRAR, a popular third-party compression app. The flaw (CVE-2018-20250) had existed…


SQL Server abuse

Attacks involving SQL Server can be difficult to respond to because SQL Server comes with a vast array of tools for automation, scheduling, and data import…
