Main navigation
Why CyberArk
CyberArk is the trusted leader in Privileged Account Security, with more than half of the Fortune 100 companies relying on our solutions to protect their most critical and high-value assets
CyberArk In The News
BLOGS
NEWS
EVENTS
The CyberArk Blog
Threat Research Blog
Locking Down the Remote Vendor Attack Pathway through Privileged Account Security
Remote vendors are everywhere, and they’re not limited to help desk services, storage and application service providers or other IT-focused MSP’s. Let’s not forget about the other vendors a company typically works with – law firms, public relations firms, HVAC, trucking companies, supply chain vendors, services companies – the list goes on. Organizations both large […]
WannaCry Ransomware: A Brief Q&A with a CyberArk Labs Researcher
In May, we offered a 30 minute webcast focused on deconstructing the WannaCry ransomware attack. Led by CyberArk Labs Researcher Shaked Reiner, the webcast delved into specifics of the attack, as well as proven methods organizations can implement to prevent WannaCry’s ability to spread through networks and encrypt system data. We’ve compiled some of the […]
Privileged Access Management: A Matrix Approach for Account Ranking and Prioritization
Throughout the course of my six years in helping KPMG clients with their Privileged Access Management programs, there has rarely been a simple answer to the critical questions of exactly which privileged accounts in an environment should be integrated first (e.g., application/infrastructure/personal accounts), and exactly how we should control each type of privileged account. The […]
Implementing Malware Command and Control Using Major CDNs and High-Traffic Domains
In this blog post, we will present a new technique for domain fronting, which enables attackers to abuse Content Delivery Networks (CDNs) to mask malware command and control (C2) traffic. This research demonstrates a new technique for hiding a C2 channel completely within a CDN. While many CDNs are potentially impacted, Akamai is one of […]
Red Team Insights on HTTPS Domain Fronting Google Hosts Using Cobalt Strike
In this blog post, we will cover HTTPS domain fronting Google hosts (google.com, mail.google.com, etc.) using Cobalt Strike. Domain fronting via google.com has been used by adversaries, and it is valuable to include as part of Red Team assessments. Domain Fronting is a technique to hide the remote endpoint of communication while leveraging high reputation […]
GhostHook – Bypassing PatchGuard with Processor Trace Based Hooking
In this article, we’ll present a new hooking technique that we have found during our research work. Hooking techniques give you the control over the way an operating system or a piece of software behaves. Some of the software that utilizes hooks include: application security solutions, system utilities, tools for programming (e.g. interception, debugging, extending […]
Recurring
Webinar Series: On The Front Lines
28/11/2017 - 30/11/2017