Blog Posts

A Look Back: The Sprint to Remote Work Created Security Gaps The global shift to remote work happened fast: millions of employees went home last March and adjusted to new ways of working – thanks...

Over the past few years, IT teams have embraced automation as a powerful tool to eliminate repetitive tasks, improve efficiency and consistency, and boost productivity and collaboration. The...

Rule No. 1 of Google’s “10 Things” philosophy is simple: Focus on the user and all else will follow. It’s solid advice, whether you’re in the business of online search, eCommerce, healthcare or...

An employee’s work laptop can be a treasure trove for any malicious actor who can get access to it. Think about it. Many of the apps you use on your laptop don’t ask you for credentials,...

I’m sure your network’s security is top-notch. You must have already taken care of micro-segmentations, strict firewall policies, and have some kind of EDR solution on the different endpoints. And...

In our mobile, cloud and digital world, physical perimeters have all but disappeared. Gone are the days when users and assets resided within the physical walls of the organization and trust was...

With the introduction of more and more IOT and embedded devices in the market, hackers are starting to find firmware exploitation as a more viable mechanism for gaining access into networks and...

The critical infrastructure that underpins our modern way of life continues to be under attack. The 2015 hack of Ukraine’s power grid brought this sobering reality into focus, and since then,...

This blog is intended to be a warning bell and to draw attention to a potential security risk involved in running sensitive applications in the WSL (“Windows Subsystem Linux”) Windows utility. As...

Last February, I went to #OffensiveCon20 and, as you might expect, it was awesome. The talks were great, but the real gem was the CodeQL workshop that was held the second day of the event....

“Change is the only constant in life” is a well-known adage first attributed to the Ancient Greek philosopher Heraclitus of Ephesus. While the world has evolved dramatically since Heraclitus’ day,...

In this blog post, we are going to look at the Kubernetes agent, kubelet (see Figure 1), which is responsible for the creation of the containers inside the nodes and show how it can be...

Just days ago, a list of plaintext usernames, passwords and IP addresses for more than 900 Pulse Secure VPN servers was published online along with SSH keys for each server, a list of all local...

Today, we announced that CyberArk has been named a Leader in the Gartner 2020 Magic Quadrant for Privileged Access Management.1 CyberArk was positioned both highest in ability to execute and...

A recent survey of technology executives at large firms showed that Microsoft Azure continues to be the most popular provider of public cloud services, even as Amazon leads the market overall in...

Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

Once again we are seeing how vulnerable and easily development environments can be exploited with the recent news of a massive trove of leaked code from 50+ enterprises across multiple industries,...

At Impact Live 2020 we spent a lot of time discussing strategies for maintaining a strong cybersecurity posture in the age of remote work. Today’s users need flexibility to do their jobs...

TL;DR Cloud technologies are ubiquitous and most organizations rely on cloud vendors to provide them with critical services and computing workloads. This ecosystem makes organizations deeply...