Threat Research

2022 Verizon DBIR: 15 Years, 15 Takeaways

Since 2008, the Verizon Data Breach Investigations Report (DBIR) has provided the global cybersecurity community with valuable insights on the evolving threat landscape. Not only does the latest...

Read Article
CyberArk Named a Leader in the 2022 Gartner® Magic Quadrant™ for Privileged Access Management – again.
View the Report
Identity Security Threat Landscape 2022 Infographic

CYBERSECURITY DEBT PERMEATES ORGANIZATIONS

Read Flipbook
How Digital Identities Drive Cybersecurity Debt, the Hidden Transformation Trade-Off

Many cybersecurity concepts are complex and often difficult to explain to non-technical audiences. Kerberoasting? Golden SAML? Huh? This can make it challenging for security leaders to communicate...

Read Article
CyberArk 2022 Identity Security Threat Landscape Report

Massive Growth of Digital Identities Is Driving Rise in Cybersecurity Debt.

Read Flipbook
Ransomware Rewind: From Floppy Disks to Ransomcloud Attacks

From plug-and-play ransomware-as-a-service offerings to highly skilled operator-based attacks, ransomware is proof that cyber attackers are constantly innovating to achieve their goals. Long...

Read Article
Conti Group Leaked!

The conflict in Ukraine has driven significant attention from the cybersecurity community, due in large part to the cyber attacks conducted against Ukraine infrastructure — including evidence of...

Read Article
Mission: Cyber Resilience

With all eyes on Ukraine, CISOs and other security leaders are heeding the call of governments and intelligence agencies to “shield up.” In recent weeks, nation-state threat actors have ramped up...

Read Article
HermeticWiper: What We Know About New Malware Targeting Ukrainian Infrastructure (Thus Far)

As geopolitical tensions continue to mount, reports are emerging of a new wiper malware targeting Ukrainian infrastructure, such as government departments. Symantec and ESET research first tweeted...

Read Article
How Docker Made Me More Capable and the Host Less Secure

TL;DR After Docker released a fix [1] for CVE-2021-21284 [2], it unintentionally created a new vulnerability that allows a low-privileged user on the host to execute files from Docker images....

Read Article
Checking for Vulnerable Systems for CVE-2021-4034 with PwnKit-Hunter

What is PwnKit Vulnerability CVE-2021-4034? On January 25th, 2022, a critical vulnerability in polkit’s pkexec was publicly disclosed (link). The Qualys research team named this vulnerability...

Read Article
Analyzing Malware with Hooks, Stomps and Return-addresses

Table of Contents Introduction The First Detection The Module Stomp Bypass The Module Stomp Detection Final Thoughts Introduction This is the second post in my series and with this post we will...

Read Article
CISA on Ukraine Cyber Attacks: Are You at Risk?

Reports of a large-scale cyber attack targeting Ukrainian organizations and several government department websites have emerged in recent days. In response, the Cybersecurity & Infrastructure...

Read Article
Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more

In this blog post we are going to discuss the details of a vulnerability in Windows Remote Desktop Services, which we recently uncovered. We reported the vulnerability to Microsoft in a...

Read Article
3 Cyber Attacks that Didn’t Get Enough Attention in 2021 (But Probably Should Have)

In 1988, graduate student Robert Tappan Morris created a computer worm and inadvertently launched what many consider to be the world’s first cyber attack. Since that infamous “Morris Worm,” major...

Read Article
Has SolarWinds Transformed Cybersecurity?

A year ago, the business world entered 2021 still reeling from the catastrophic SolarWinds attack that impacted thousands of organizations and put software supply chain risks on everyone’s radar —...

Read Article
When Threat Research Goes Wrong: Spectacular Screwups and What to Learn from Them

Threat researchers on the cutting edge of cybersecurity have a certain kind of drive — almost a relentless need — to get into the attacker’s mind, solve the “unsolvable” challenge and expose ...

Read Article
Log4j: What to Know. What to Do. And How to Stay Ahead

In December 2020, a series of network breaches was reported in rapid succession — the beginning of what soon became known as the cyber attack that changed everything. By compromising identities...

Read Article
Cybersecurity Trends for 2022: The Roots of Attacker Innovation

The Greek philosopher Heraclitus once said “the only constant is change.” This still rings true thousands of years later — particularly as we reflect on 2021, another year marked by continued...

Read Article
How to Use the MITRE ATT&CK Framework to Fight Ransomware Attacks

Chinese military general Sun Tzu’s treatise The Art of War has been cited over the years by millions of self-help gurus and corporate strategy consultants – and misquoted in a million more...

Read Article
Cracking WiFi at Scale with One Simple Trick

How I Cracked 70% of Tel Aviv’s Wifi Networks (from a Sample of 5,000 Gathered WiFi). In the past seven years that I’ve lived in Tel Aviv, I’ve changed apartments four times. Every time I...

Read Article
Loading More...

Threat Research​

2022 Verizon DBIR: 15 Years, 15 Takeaways

Since 2008, the Verizon Data Breach Investigations Report (DBIR) has provided the global cybersecurity community with valuable insights on the evolving threat landscape. Not only does the latest...

Identity Security Threat Landscape 2022 Infographic

CYBERSECURITY DEBT PERMEATES ORGANIZATIONS

How Digital Identities Drive Cybersecurity Debt, the Hidden Transformation Trade-Off

Many cybersecurity concepts are complex and often difficult to explain to non-technical audiences. Kerberoasting? Golden SAML? Huh? This can make it challenging for security leaders to communicate...

CyberArk 2022 Identity Security Threat Landscape Report

Massive Growth of Digital Identities Is Driving Rise in Cybersecurity Debt.

Ransomware Rewind: From Floppy Disks to Ransomcloud Attacks

From plug-and-play ransomware-as-a-service offerings to highly skilled operator-based attacks, ransomware is proof that cyber attackers are constantly innovating to achieve their goals. Long...

Conti Group Leaked!

The conflict in Ukraine has driven significant attention from the cybersecurity community, due in large part to the cyber attacks conducted against Ukraine infrastructure — including evidence of...

Mission: Cyber Resilience

With all eyes on Ukraine, CISOs and other security leaders are heeding the call of governments and intelligence agencies to “shield up.” In recent weeks, nation-state threat actors have ramped up...

HermeticWiper: What We Know About New Malware Targeting Ukrainian Infrastructure (Thus Far)

As geopolitical tensions continue to mount, reports are emerging of a new wiper malware targeting Ukrainian infrastructure, such as government departments. Symantec and ESET research first tweeted...

How Docker Made Me More Capable and the Host Less Secure

TL;DR After Docker released a fix [1] for CVE-2021-21284 [2], it unintentionally created a new vulnerability that allows a low-privileged user on the host to execute files from Docker images....

Checking for Vulnerable Systems for CVE-2021-4034 with PwnKit-Hunter

What is PwnKit Vulnerability CVE-2021-4034? On January 25th, 2022, a critical vulnerability in polkit’s pkexec was publicly disclosed (link). The Qualys research team named this vulnerability...

Analyzing Malware with Hooks, Stomps and Return-addresses

Table of Contents Introduction The First Detection The Module Stomp Bypass The Module Stomp Detection Final Thoughts Introduction This is the second post in my series and with this post we will...

CISA on Ukraine Cyber Attacks: Are You at Risk?

Reports of a large-scale cyber attack targeting Ukrainian organizations and several government department websites have emerged in recent days. In response, the Cybersecurity & Infrastructure...

Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more

In this blog post we are going to discuss the details of a vulnerability in Windows Remote Desktop Services, which we recently uncovered. We reported the vulnerability to Microsoft in a...

3 Cyber Attacks that Didn’t Get Enough Attention in 2021 (But Probably Should Have)

In 1988, graduate student Robert Tappan Morris created a computer worm and inadvertently launched what many consider to be the world’s first cyber attack. Since that infamous “Morris Worm,” major...

Has SolarWinds Transformed Cybersecurity?

A year ago, the business world entered 2021 still reeling from the catastrophic SolarWinds attack that impacted thousands of organizations and put software supply chain risks on everyone’s radar —...

When Threat Research Goes Wrong: Spectacular Screwups and What to Learn from Them

Threat researchers on the cutting edge of cybersecurity have a certain kind of drive — almost a relentless need — to get into the attacker’s mind, solve the “unsolvable” challenge and expose ...

Log4j: What to Know. What to Do. And How to Stay Ahead

In December 2020, a series of network breaches was reported in rapid succession — the beginning of what soon became known as the cyber attack that changed everything. By compromising identities...

Cybersecurity Trends for 2022: The Roots of Attacker Innovation

The Greek philosopher Heraclitus once said “the only constant is change.” This still rings true thousands of years later — particularly as we reflect on 2021, another year marked by continued...

How to Use the MITRE ATT&CK Framework to Fight Ransomware Attacks

Chinese military general Sun Tzu’s treatise The Art of War has been cited over the years by millions of self-help gurus and corporate strategy consultants – and misquoted in a million more...

Cracking WiFi at Scale with One Simple Trick

How I Cracked 70% of Tel Aviv’s Wifi Networks (from a Sample of 5,000 Gathered WiFi). In the past seven years that I’ve lived in Tel Aviv, I’ve changed apartments four times. Every time I...

Threat Research