Main navigation
Why CyberArk
CyberArk is the trusted leader in Privileged Access Security, with more than half of the Fortune 100 companies relying on our solutions to protect their most critical and high-value assets
CyberArk In The News
BLOGS
NEWS
EVENTS
The CyberArk Blog
Threat Research Blog
Weak Security Checks and Balances Compound Privileged Access Risks
The U.S. Department of Interior recently released a report concluding that two dams critical to national security operate with an elevated risk of insider attacks – too many employees have access to admin accounts and industry best practices are not followed. The dams are among five operated by the U.S. Bureau of Reclamation. The report […]
Federal Cybersecurity Report Finds Majority of Agencies at Risk
As a number of crippling breaches have illustrated, federal government agencies and departments are frequent targets in today’s advanced attacks. The White House’s Office of Management and Budget (OMB), in partnership with the Department of Homeland Security (DHS), recently conducted a cyber risk assessment of 96 agencies across 76 metrics to measure their cyber security […]
Privileged Account Management is #1 Security Project in 2018 for CISOs, Says Gartner*
Recently, we attended the 2018 Gartner Security & Risk Management Summit. The event is always a valuable opportunity to learn from top CISOs and security and risk management professionals, to explore leading-edge research and to discuss emerging cyber security trends. Although there were a number of excellent presentations throughout the week, one in particular stood […]
Weakness Within: Kerberos Delegation
During a Black Hat USA 2015 presentation, Sean Metcalf noted the security risks of Kerberos unconstrained delegation. Inspired by his talk and additional delegation articles including this one, CyberArk Labs conducted further research on the delegation mechanism. In this article, we highlight the potential risks of misconfigured delegation services or users, offer possible mitigations and […]
AMSI Bypass Redux
Three months ago we published a blog, “AMSI Bypass the Patching Technique,” describing how to bypass Microsoft AMSI (Antimalware Scan Interface) protection. Microsoft has since changed the way AMSI handles PowerShell sessions, so our original bypass technique now fails to operate with the update. The Microsoft update changed AMSI, so that PowerShell no longer uses the AmsiScanString […]
The Cloud Shadow Admin Threat: 10 Permissions to Protect
Organizations worldwide are moving to the cloud – and that migration is creating the threat of shadow admins. On-premises shadow admin accounts have sensitive privileges and are typically overlooked because they are not members of a privileged Active Directory (AD) group. Instead, they were granted privileges through the direct assignment of permissions (using ACLs on […]
07/08/2018 - 09/08/2018
Black Hat
03/12/2018 - 05/12/2018