Search Results for: exploitation
Knowledge Center Django Templates Server-Side Template Injection v1.0 June 16, 2021 Long gone are days of static websites, nowadays sites need to be dynamic to be attractive and useful. One of...
Knowledge Center DearCry Ransomware Malware Analysis and Reverse Engineering April 8, 2021 The goal of this paper is to provide a deep analysis of DearCry ransomware and demonstrate some techniques of malware...
Knowledge Center Microsoft Exchange – ProxyLogon Vulnerability Analysis March 18, 2021 The goal of this case study is to summarize technical details of the ProxyLogon vulnerability alongside with other vulnerabilities that...
Blog Post Zero-days in Accellion file transfer app used for data theft March 4, 2021 Back in December 2020, a software vendor Accellion informed about an actively exploited zero-day vulnerability in its File Transfer Appliance...
Blog Post Three Lessons the Accellion FTA Hack of Shell Reminded Us April 6, 2021 At the beginning of March, we informed about four actively exploited zero-day vulnerabilities in the Accellion file transfer appliance (FTA)....
Knowledge Center REvil Sodinokibi Ransomware September 23, 2020 Overview During a recent client engagement, the LIFARS DFIR team encountered the REvil/Sodinokibi Ransomware group. The typical attack vector chosen...
Blog Post Threat Actors Exploitation of COVID-19 Pandemic – FBI Alert May 2, 2020 The FBI’s Weapons of Mass Destruction Directorate in coordination with the Office of Private Sector is providing this LIR to...
Knowledge Center A Deep Dive into The Grief Ransomware’s Capabilities January 11, 2022 Grief ransomware is the successor of the DoppelPaymer ransomware, which emerged from the BitPaymer ransomware. Grief is deployed in an...
Knowledge Center Mitigating Credential Dumping on Windows Clients July 9, 2021 Credential dumping from compromised Windows clients allows the attacker to perform lateral movement and gain control even after more sensitive hosts...
Blog Post 50% of Servers Have Weak Security Long After Patches Are Released November 2, 2021 Patch, patch, and patch again. This mantra has been repeated by security experts over and over again as one of...
Blog Post University Breach: Wi-Fi Networks Log-In Credentials, Thousands are Exposed October 28, 2021 Multiple certificate misconfiguration flaws in a free Wi-Fi network used by students and faculty from various universities can lead to...
Blog Post HolesWarm (Crypto-Miner) Malware Targeted Unpatched Windows and Linux Servers September 16, 2021 Researchers at a security firm named Tencent have recently revealed details about the botnet crypto-miner. For the record, the crypto-miner...
Blog Post NSA Discovers New Critical Vulnerabilities In Exchange Server April 20, 2021 Admins of the Microsoft Exchange Server have been having rough weeks. Yet, matters still do not seem to be getting...
Blog Post Lemon Duck Hacking Group Adopts Microsoft Exchange Server Vulnerabilities in New Attacks May 26, 2021 A hacking group called Lemon Duck has engaged itself in exploiting Microsoft Exchange Server vulnerabilities and using decoy TLDs (top-level...
Blog Post U.S. Offering $10 million to Track Down Darkside Leadership December 10, 2021 On November 4th, the U.S. government announced a reward of up to $10 million for any information that could lead...