Threat Research

2021 Cybersecurity Trends: The Emergence of the Personalized Attack Chain

It’s hard to look forward to 2021 without considering the trends that shaped the generally unfavorite year known as #2020. History books will, of course, remember this year mostly for two major...

Read Article
Intel, Please Stop Assisting Me

This post focuses on two vulnerabilities the CyberArk Labs team uncovered in the Intel Support Assistant that affected the millions of Windows machines that run this software. The first...

Read Article
Attacking Kubernetes Clusters Through Your Network Plumbing: Part 1

Have you ever wondered how the water supply gets into your home and to the taps? Honestly it may not be something you ever thought about. When receiving a system that works “out of the...

Read Article
Five Attack Scenarios That Could Alter the U.S. Election

On October 21, the FBI held a press conference alerting U.S. citizens about new details concerning nation-state interference with the upcoming U.S. elections. According to news reports attackers...

Read Article
LoRaWAN & MQTT: What to Know When Securing Your IoT Network

The LoRaWAN protocol wirelessly connects battery-powered devices to the internet. Because of its ability to communicate long-range with little battery consumption, it is likely to be the network...

Read Article
4:57

An Introduction to CyberArk Labs

CyberArk is the only Identity Security Vendor with dedicated research labs. This video provides an introduction to the labs team, and how their research benefits the broader security community.

Watch Video
Anti-Virus Vulnerabilities: Who’s Guarding the Watch Tower?

This blog entry is a special anti-malware edition showcasing how the most common bugs security products suffer from can allow a standard user to escalate into a privileged user. What we found...

Read Article
30:29

Ask CyberArk Video Podcast Episode 4

Watch our fourth episode of Ask CyberArk with Lavi Lazarovitz, Head of Research from CyberArk Labs

Watch Video
Your Network Through the Eyes of a Hacker

I’m sure your network’s security is top-notch. You must have already taken care of micro-segmentations, strict firewall policies, and have some kind of EDR solution on the different endpoints. And...

Read Article
An Introduction to Hardware Hacking

With the introduction of more and more IOT and embedded devices in the market, hackers are starting to find firmware exploitation as a more viable mechanism for gaining access into networks and...

Read Article
Running Sensitive Apps in WSL: (SAFE + SAFE) < SAFE

This blog is intended to be a warning bell and to draw attention to a potential security risk involved in running sensitive applications in the WSL (“Windows Subsystem Linux”) Windows utility. As...

Read Article
Make Memcpy Safe Again: CodeQL

Last February, I went to #OffensiveCon20 and, as you might expect, it was awesome. The talks were great, but the real gem was the CodeQL workshop that was held the second day of the event....

Read Article
47:57

First Steps to Regain Control on a Compromised Infrastructure

What do you do when Incidents happens in your organization? How do you respond and what could you do to help mitigate the frequency of incidents?

Watch Video
Using Kubelet Client to Attack the Kubernetes Cluster

In this blog post, we are going to look at the Kubernetes agent, kubelet (see Figure 1), which is responsible for the creation of the containers inside the nodes and show how it can be...

Read Article
Masking Malicious Memory Artifacts – Part III: Bypassing Defensive Scanners

Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

Read Article
DIY: Hunting Azure Shadow Admins Like Never Before

TL;DR Cloud technologies are ubiquitous and most organizations rely on cloud vendors to provide them with critical services and computing workloads. This ecosystem makes organizations deeply...

Read Article
What Twitter Attack Says on Human Nature, Social Engineering

Last week, Twitter suffered a breach that led to the compromise of numerous high-profile accounts, including those of Barak Obama, Joe Biden, Jeff Bezos and Elon Musk. I took the opportunity to...

Read Article
Masking Malicious Memory Artifacts – Part II: Insights from Moneta

Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

Read Article
Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing

Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

Read Article
Cyber Attacks in the Pandemic Era: More of the Same

Since COVID-19 began to spread rapidly across the globe, we’ve seen near-constant headlines of cyber attacks hitting organizations in the midst of chaos. An elite group of cyber criminals launched...

Read Article
Loading More...

Threat Research​

2021 Cybersecurity Trends: The Emergence of the Personalized Attack Chain

It’s hard to look forward to 2021 without considering the trends that shaped the generally unfavorite year known as #2020. History books will, of course, remember this year mostly for two major...

Intel, Please Stop Assisting Me

This post focuses on two vulnerabilities the CyberArk Labs team uncovered in the Intel Support Assistant that affected the millions of Windows machines that run this software. The first...

Attacking Kubernetes Clusters Through Your Network Plumbing: Part 1

Have you ever wondered how the water supply gets into your home and to the taps? Honestly it may not be something you ever thought about. When receiving a system that works “out of the...

Five Attack Scenarios That Could Alter the U.S. Election

On October 21, the FBI held a press conference alerting U.S. citizens about new details concerning nation-state interference with the upcoming U.S. elections. According to news reports attackers...

LoRaWAN & MQTT: What to Know When Securing Your IoT Network

The LoRaWAN protocol wirelessly connects battery-powered devices to the internet. Because of its ability to communicate long-range with little battery consumption, it is likely to be the network...

An Introduction to CyberArk Labs

CyberArk is the only Identity Security Vendor with dedicated research labs. This video provides an introduction to the labs team, and how their research benefits the broader security community.

Anti-Virus Vulnerabilities: Who’s Guarding the Watch Tower?

This blog entry is a special anti-malware edition showcasing how the most common bugs security products suffer from can allow a standard user to escalate into a privileged user. What we found...

Ask CyberArk Video Podcast Episode 4

Watch our fourth episode of Ask CyberArk with Lavi Lazarovitz, Head of Research from CyberArk Labs

Your Network Through the Eyes of a Hacker

I’m sure your network’s security is top-notch. You must have already taken care of micro-segmentations, strict firewall policies, and have some kind of EDR solution on the different endpoints. And...

An Introduction to Hardware Hacking

With the introduction of more and more IOT and embedded devices in the market, hackers are starting to find firmware exploitation as a more viable mechanism for gaining access into networks and...

Running Sensitive Apps in WSL: (SAFE + SAFE) < SAFE

This blog is intended to be a warning bell and to draw attention to a potential security risk involved in running sensitive applications in the WSL (“Windows Subsystem Linux”) Windows utility. As...

Make Memcpy Safe Again: CodeQL

Last February, I went to #OffensiveCon20 and, as you might expect, it was awesome. The talks were great, but the real gem was the CodeQL workshop that was held the second day of the event....

First Steps to Regain Control on a Compromised Infrastructure

What do you do when Incidents happens in your organization? How do you respond and what could you do to help mitigate the frequency of incidents?

Using Kubelet Client to Attack the Kubernetes Cluster

In this blog post, we are going to look at the Kubernetes agent, kubelet (see Figure 1), which is responsible for the creation of the containers inside the nodes and show how it can be...

Masking Malicious Memory Artifacts – Part III: Bypassing Defensive Scanners

Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

DIY: Hunting Azure Shadow Admins Like Never Before

TL;DR Cloud technologies are ubiquitous and most organizations rely on cloud vendors to provide them with critical services and computing workloads. This ecosystem makes organizations deeply...

What Twitter Attack Says on Human Nature, Social Engineering

Last week, Twitter suffered a breach that led to the compromise of numerous high-profile accounts, including those of Barak Obama, Joe Biden, Jeff Bezos and Elon Musk. I took the opportunity to...

Masking Malicious Memory Artifacts – Part II: Insights from Moneta

Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing

Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

Cyber Attacks in the Pandemic Era: More of the Same

Since COVID-19 began to spread rapidly across the globe, we’ve seen near-constant headlines of cyber attacks hitting organizations in the midst of chaos. An elite group of cyber criminals launched...

Threat Research