Threat Research

  • Fuzzing RDP: Holding the Stick at Both Ends

    Introduction: This post describes the work we’ve done on fuzzing the Windows RDP client and server, the challenges of doing so, and some of the results. The Remote Desktop Protocol (RDP) by...

  • Black Hat Reflections: Supply Chain Attacks, Zero Days and Disclosures

    Black Hat 2021 had a markedly different tone from previous years. Welcoming remarks explored the strong parallels between cybersecurity and COVID-19 prevention, with founder Jeff Moss asking...

  • Gartner Names CyberArk a Leader in the 2021 Magic Quadrant for PAM
  • Introducing the CyberTalk with CyberArk Podcast Series: On-the-Go Cybersecurity Insights

    Ninety-one percent of cybersecurity practitioners agree they must keep up with their skills, or the organizations they work for are at a significant disadvantage against today’s cyber adversaries,...

  • The Anatomy of the Codecov Breach: A CyberArk Labs Webinar (29:32)

    The breach on code testing software vendor Codecov could have easily gone unnoticed for an indefinite amount of time. CyberArk Labs presents the anatomy of the Codecov software supply chain attack.

  • FickerStealer: A New Rust Player in the Market

    This blog introduces a new information stealer, written in Rust and interestingly named FickerStealer. In this blog post, we provide an in-depth analysis of this new threat and its obfuscation...

  • Bypassing Windows Hello Without Masks or Plastic Surgery

    Biometric authentication is beginning to see rapid adoption across the enterprise as organizations look to incorporate passwordless solutions to help mitigate the numerous security risks inherent...

  • In Kaseya Supply Chain Ransomware Attack History Repeats Itself

    While many Americans took off early to jump-start the Independence Day weekend, cyber attackers were launching the single biggest ransomware attack in history. It’s estimated that at least 800 to...

  • Best Defense? Our Red Team Lead Reveals 4 MFA Bypass Techniques

    Digital transformation, widespread remote work due to the COVID-19 pandemic and ever-increasing reliance on cloud services and infrastructure have all contributed to new enterprise access...

  • Hack(er)-of-All-Trades: Q&A with CyberArk Technical Evangelist Andy Thompson

    We can’t help it. We hear the word “hacker” and our minds instantly go to shadowy figures in dark rooms frantically causing as much malicious digital mayhem as they can. It’s a misconception that...

  • Attacking Kubernetes Clusters Through Your Network Plumbing: Part 2

    In Part 1 of this blog post, we discussed attack vectors that utilize the different features of the devices that network plugins use, such as bridge devices and tunneling devices (VXLAN in...

  • Virtual Cloak: Virtualization as Malware

    Virtualization is a double-edged sword. The glorious rise of the cloud in recent years could be attributed to the gradual advancement of many different technologies, both hardware and software...

  • Can You Stop a Cyborg Attack? Get Inside a Biohacker’s Mind at RSA 2021

    With a consuming curiosity, obsession with lock picking – both physical and abstract – and sharp technical mind, Len Noe has been breaking and building things nearly all of his life. Hacking, as...

  • Kubesploit: A New Offensive Tool for Testing Containerized Environments

    In this blog post, we will introduce a new open-source tool we developed, named Kubesploit, for testing Kubernetes environments. This is a full framework, dedicated to Kubernetes, to assist...

  • The Mysterious Realm of JavaScriptCore

    TL;DR: JavaScriptCore (JSC) is the JavaScript engine used by Safari, Mail, App Store and many other apps in macOS. The JSC engine is responsible for executing every line of JavaScript (JS) that...

  • Kinsing: The Malware with Two Faces

    Lately, we’ve been busy researching the developing field of cloud and container threats. Why focus here? Because, as this technology becomes more popular and continues to evolve, attackers are...

  • The Strange Case of How We Escaped the Docker Default Container

    TL;DR: During an internal container-based Red Team engagement, the Docker default container spontaneously and silently changed cgroups overnight, which allowed us to escalate privileges and gain...

  • The Anatomy of the SolarWinds Attack Chain

    Imagine there’s an attacker lurking inside your network right now. Do you have the ability to find out and respond before they can cause harm? Now imagine your adversary has privileged access to...

  • Hunting Azure Blobs Exposes Millions of Sensitive Files

    We hear about it all the time – data breaches that expose a company’s sensitive information. Nearly all of us have been warned that our passwords, email addresses or even credit cards have...

  • Breach of Trust: How Cyber-Espionage Thrives On Human Nature

    With so much of daily life tethered to digital communication and most of our important information residing in data clouds, we’ve all got a lot riding in this virtual atmosphere. So naturally, the...

  • Analyzing Ransomware and Potential Mitigation Strategies

    Ransomware, one of the most pervasive and dangerous threats facing organizations today, is everywhere. Read more to find out how CyberArk helps mitigate ransomware threats.
