Main navigation
Why CyberArk
CyberArk is the trusted leader in Privileged Account Security, with more than half of the Fortune 100 companies relying on our solutions to protect their most critical and high-value assets
CyberArk In The News
BLOGS
NEWS
EVENTS
The CyberArk Blog
Threat Research Blog
Secure and Protect Docker Hosts with CyberArk
Container technology has been instrumental in the transformation of application development and deployment, and Docker has held the pole position. The reasons include Docker’s ease of installation and use, and its ability to automate common tasks so developers can focus on what matters: building great software. Overall Docker adoption has surged 35% within the last […]
Three Key Steps for Locking Down Critical Privileged Accounts
Let’s cut to the chase: Most IT professionals understand cyber attacks will happen, and it’s simply a matter of when. Every major breach has a common denominator: compromised privileged accounts. They are an essential element of the attack lifecycle and must be secured. I recently presented a webcast on three key steps organizations can take […]
Think Like an Attacker and Improve Your Defensive Strategy
The CyberArk Red Team is a highly qualified group of industry veterans who are trained to use “any means necessary” – just as an attacker would – to help security operations teams identify and measure which threats they can detect – and which ones they cannot. In a recent post, we asked Shay Nahari, our […]
BoundHook: Exception Based, Kernel-Controlled UserMode Hooking
In this article, we’ll present a new hooking technique that we have found during our research work. Hooking techniques give you control over the way an operating system or a piece of software behaves. Some of the software that utilizes hooks include: application security solutions, system utilities, tools for programming (e.g. interception, debugging, extending software, […]
Illusion Gap – Antivirus Bypass Part 1
Introduction During our research, CyberArk Labs encountered a strange behavior in the file scanning process of Windows Defender. This problem may possibly exist in other anti-viruses, which we have not yet tested. This behavior led us to investigate the Antivirus scanning process over SMB shares and the outcome is a surprising cause for concern. Now […]
Implementing Malware Command and Control Using Major CDNs and High-Traffic Domains
In this blog post, we will present a new technique for domain fronting, which enables attackers to abuse Content Delivery Networks (CDNs) to mask malware command and control (C2) traffic. This research demonstrates a new technique for hiding a C2 channel completely within a CDN. While many CDNs are potentially impacted, Akamai is one of […]
Recurring
Webinar Series: On The Front Lines
07/11/2017 - 08/11/2017
API CyberSecurity Conference
27/11/2017 - 30/11/2017