Skip to content
      Adversarial Security
      Featured

      Guarding the Bridge: New Attack Vectors in Azure AD Connect

      By researching Azure AD Connect components, Sygnia was able to discover several attack vectors for extracting Connector credentials and domain users’ NT hashes, while...

      Read More

      Threat Hunting (3)

        Filter by Topic

        Blog Post
        Featured Incident Response Threat Hunting

        End-to-End LOG4SHELL Hunting Strategy

        Log4j2 is a widely used open-source Java logging library developed by the Apache foundation. On December 9, 2021 a critical unauthenticated remote code execution... Read More
        Advisory
        Incident Response Threat Hunting

        Sygnia Advisory: Log4Shell Remote Code Execution

        Updated - December 17, 2021 On December 9, a critical remote code execution (RCE) vulnerability in Java logging library Apache Log4j was made public. The vulnerability,... Read More
        Blog Post
        Incident Response Threat Hunting

        Recent Waves of Phishing Attacks Overpowering 2-factor Authentication

        Real-Time Authentication Phishing Kits implement a Man-in-the-Middle attack technique, allowing threat actors to obtain a live Office365 user session. Conditional Access... Read More
        Threat Report
        Incident Response Threat Research Threat Hunting Ransomware

        Lazarus Group’s Mata Framework Leveraged To Deploy TFlower Ransomware

        Over the past few years, North Korea has turned its offensive cyber operations into a major source of income. On February 17, 2021, the US Department of Justice (DoJ) has... Read More
        Advisory
        Incident Response Threat Hunting Ransomware

        Kaseya Ransomware Supply Chain Attack

        On July 2nd, several managed service providers reported numerous ransomware incidents affecting their clients via Kaseya VSA – an endpoint monitoring and patch management... Read More
        Advisory
        Incident Response Threat Hunting Ransomware

        Detection And Hunting Of Golden SAML Attack

        The SolarWinds software supply chain attack is known to have affected U.S. government agencies, critical infrastructure entities, and private sector organizations by an... Read More