    Guarding the Bridge: New Attack Vectors in Azure AD Connect

    By researching Azure AD Connect components, Sygnia was able to discover several attack vectors for extracting Connector credentials and domain users’ NT hashes, while...

    Incident Response

      Threat Hunting Blog Post

      Breaking Down the Casbaneiro Infection Chain – Part II

      Incident Response

      Case Study: Global MITM Campaign with Threat Intelligence Toolkit

      Sygnia recently investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs. Further analysis revealed that Cheerscrypt and Night Sky are both...
      Incident Response Threat Hunting

      Threat Actor Spotlight: RagnarLocker Ransomware

      Key Takeaways: The FBI’s Internet Crime Complaint Center (IC3) recently published their internet crime report for 2022. The report indicates that during 2022 there was an...
      Threat Hunting Blog Post

      Incident Response in Google Cloud: Forensic Artifacts

      Key Takeaways: Forensic data across Google Cloud can logically be organized into three categories: Identity Management, Google Workspace Apps, and Google Cloud Platform...
      Incident Response Threat Hunting Blog Post

      Incident Response in Google Cloud: Foundations

      Key Takeaways: Although Google Cloud is becoming more widely used, research and documentation surrounding incident response is limited, and for many aspects non-existent. ...
      Featured Incident Response Threat Research

      Revealing Emperor Dragonfly: Night Sky and Cheerscrypt - A Single Ransomware Group

      Sygnia recently investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs. Further analysis revealed that Cheerscrypt and Night Sky are both...