Threat Research

  • The Anatomy of the SolarWinds Attack Chain

    Imagine there’s an attacker lurking inside your network right now. Do you have the ability to find out and respond before they can cause harm? Now imagine your adversary has privileged access to...

    Read Article
  • Hunting Azure Blobs Exposes Millions of Sensitive Files

    We hear about it all the time – data breaches that expose a company’s sensitive information. Nearly all of us have been warned that our passwords, email addresses or even credit cards have...

    Read Article
  • Breach of Trust: How Cyber-Espionage Thrives On Human Nature

    With so much of daily life tethered to digital communication and most of our important information residing in data clouds, we’ve all got a lot riding in this virtual atmosphere. So naturally, the...

    Read Article
  • Analyzing Ransomware and Potential Mitigation Strategies

    Ransomware, one of the most pervasive and dangerous threats facing organizations today, is everywhere. Read more to find out how CyberArk helps mitigate ransomware threats.

    Read Flipbook
  • Golden SAML Revisited: The Solorigate Connection

    In the past few weeks, we’ve been witnessing one of the most elaborate supply-chain attacks unfold with a threat actor that infected SolarWinds Orion source code and used the update process to get...

    Read Article
  • Accessing and Dumping Firmware Through UART

    In the first part of my hardware hacking series, we discussed dumping firmware through the SPI flash chip. In this post, we will review the process of accessing and dumping the...

    Read Article
  • A Modern Exploration of Windows Memory Corruption Exploits – Part I: Stack Overflows

    The topic of memory corruption exploits can be a difficult one to initially break into. When I first began to explore this topic on the Windows OS I was immediately struck by the...

    Read Article
  • 2021 Cybersecurity Trends: The Emergence of the Personalized Attack Chain

    It’s hard to look forward to 2021 without considering the trends that shaped the generally unfavorite year known as #2020. History books will, of course, remember this year mostly for two major...

    Read Article
  • Intel, Please Stop Assisting Me

    This post focuses on two vulnerabilities the CyberArk Labs team uncovered in the Intel Support Assistant that affected the millions of Windows machines that run this software. The first...

    Read Article
  • Attacking Kubernetes Clusters Through Your Network Plumbing: Part 1

    Have you ever wondered how the water supply gets into your home and to the taps? Honestly it may not be something you ever thought about. When receiving a system that works “out of the...

    Read Article
  • Five Attack Scenarios That Could Alter the U.S. Election

    On October 21, the FBI held a press conference alerting U.S. citizens about new details concerning nation-state interference with the upcoming U.S. elections. According to news reports attackers...

    Read Article
  • LoRaWAN & MQTT: What to Know When Securing Your IoT Network

    The LoRaWAN protocol wirelessly connects battery-powered devices to the internet. Because of its ability to communicate long-range with little battery consumption, it is likely to be the network...

    Read Article
  • An Introduction to CyberArk Labs (4:57)

    CyberArk is the only Identity Security Vendor with dedicated research labs. This video provides an introduction to the labs team, and how their research benefits the broader security community.

    Watch Video
  • Anti-Virus Vulnerabilities: Who’s Guarding the Watch Tower?

    This blog entry is a special anti-malware edition showcasing how the most common bugs security products suffer from can allow a standard user to escalate into a privileged user. What we found...

    Read Article
  • Ask CyberArk Video Podcast Episode 4 (30:29)

    Episode #4 features Lavi Lazarovitz, Head of Research at CyberArk Labs, who shares research on Microsoft Teams vulnerabilities and other research & tools.

    Watch Video
  • Your Network Through the Eyes of a Hacker

    I’m sure your network’s security is top-notch. You must have already taken care of micro-segmentations, strict firewall policies, and have some kind of EDR solution on the different endpoints. And...

    Read Article
  • An Introduction to Hardware Hacking

    With the introduction of more and more IoT and embedded devices in the market, hackers are starting to find firmware exploitation as a more viable mechanism for gaining access into networks and...

    Read Article
  • Running Sensitive Apps in WSL: (SAFE + SAFE) < SAFE

    This blog is intended to be a warning bell and to draw attention to a potential security risk involved in running sensitive applications in the WSL (“Windows Subsystem Linux”) Windows utility. As...

    Read Article
  • Make Memcpy Safe Again: CodeQL

    Last February, I went to #OffensiveCon20 and, as you might expect, it was awesome. The talks were great, but the real gem was the CodeQL workshop that was held the second day of the event....

    Read Article
  • First Steps to Regain Control on a Compromised Infrastructure (47:57)

    What do you do when incidents happen in your organization? How do you respond and what could you do to help mitigate the frequency of incidents?

    Watch Video