Featured Incident Response Threat Hunting

Vice Society-the Ransomware Group the Health and Education Sectors Should Look Out For

Read More

Threat Hunting (2)

Featured Incident Response Threat Hunting

Sygnia Advisory: Potential Okta Breach

executive summary On March 22nd, 2022, the LAPSUS$ threat group published potential evidence of a successful breach of Okta, a widely used identity provider. This... Read More

Featured Incident Response Threat Hunting

Advisory: Russia–Ukraine Conflict Escalation

executive summary As we continue to closely monitor the unfolding conflict between Russia and Ukraine, we're publishing this advisory to support global organizations. The... Read More

Featured Incident Response Threat Hunting

End-to-End LOG4SHELL Hunting Strategy

Log4j2 is a widely used open-source Java logging library developed by the Apache foundation. On December 9, 2021 a critical unauthenticated remote code execution... Read More

Incident Response Threat Hunting

Sygnia Advisory: Log4Shell Remote Code Execution

Updated - December 17, 2021 On December 9, a critical remote code execution (RCE) vulnerability in Java logging library Apache Log4j was made public. The vulnerability,... Read More

Incident Response Threat Hunting

Recent Waves of Phishing Attacks Overpowering 2-factor Authentication

Real-Time Authentication Phishing Kits implement a Man-in-the-Middle attack technique, allowing threat actors to obtain a live Office365 user session. Conditional Access... Read More

Incident Response Threat Research Threat Hunting Ransomware

Lazarus Group’s Mata Framework Leveraged To Deploy TFlower Ransomware

Over the past few years, North Korea has turned its offensive cyber operations into a major source of income. On February 17, 2021, the US Department of Justice (DoJ) has... Read More

1
2
3