Identity Security: Bridging the Executive Confidence/Reality Gap
In recent years, cybersecurity has become a board-level issue resulting in several executives taking greater responsibility in cybersecurity-related decisions. As a result, the CISO is no longer a...
Read Article
Why No User Should Have Local Admin Rights
The idea of removing local administrator rights from Every. Single. User. across your organization is likely to spark strong reactions. Search popular online forums for the phrase “remove local...
Read Article
Inglourious Drivers – A Journey of Finding Vulnerabilities in Drivers
TL;DR I discovered multiple bugs in OEM vendors for peripheral devices, which affected many users of these OEM vendors (Razer, EVGA, MSI, AMI). Many of the vulnerabilities originated in a...
Read Article
Chatting Our Way Into Creating a Polymorphic Malware
Abstract ChatGPT took the world by storm being released less than two months ago, it has become prominent and is used everywhere, for a wide variety of tasks – from automation tasks to the...
Read Article
CircleCI Breach Exposes Risk of Hard-coded Secrets
The recent CircleCI breach highlights the risk of storing secrets in places like private code repositories (GitHub), scripts, configuration files, files encrypted at rest, CI/CD pipeline code or...
Read Article
Six Takeaways from Recent Ransomware Attacks
2022 ransomware attack learnings can inform 2023 cybersecurity strategies, helping organizations combat threats and reduce risk with greater confidence. The CyberArk 2022 Identity Security Threat...
Read Article
Why Intelligent Privilege Controls Are Essential for Identity Security
“If we can control identity, we can stop most modern attacks. And if you control identity, then you control every perimeter, application, container – effectively every part of the environment.” –...
Read Article