Protecting VMware ESXi Hypervisors from Ransomware
One of the top platforms in the virtualization sector is VMware. Organizations can more effectively use the computing power of […]
Why Threat Actors are Now using Rust to Develop New Ransomware?
Rust, a relatively new programming language, was introduced in 2015 and has since gained popularity for its pleasant developer experience […]
Why Compromise Assessment Should Be a Part of Your Threat Detection and Response Ecosystem
A typical compromise assessment plan uses specialized software and scripts combined with forensic data to find compromises or problems that […]
Royal Ransomware
Royal has been in existence since at least the beginning of 2022, making it a relatively new business. The goal […]
Detecting Cyber-Attacks on Kubernetes Environment
Kubernetes is a container orchestration system that acts as a management abstraction layer. It is an open-source system that aids […]
Alert Advisory: Insight into APT42
APT42 is a state-sponsored cyber espionage group in Iran. The gang, which has been active at least since 2015, is […]
Alert Advisory: New Microsoft Exchange Zero-Days
Late on September 29, 2022, Microsoft acknowledged both zero-day vulnerabilities and stated that they were aware of “limited, targeted attacks […]
Kerberoasting – Active Directory Attack
Active Directory services are usually used by organizations for easily configuring policies and managing permissions. Due to its widespread usage, […]
CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability and Digital Forensics
Microsoft issued CVE-2022-30190 for a vulnerability in the Microsoft Support Diagnostic Tool (MSDT). The vulnerability exists when MSDT is called using […]
Ransomware Incident Response Plan – Part 2
Ransomware was and still is one of the most dangerous attacks that can cause catastrophic consequences to the endpoint system […]
Ransomware Incident Response Plan – Part 1
Ransomware was and still is one of the most dangerous attacks that can cause catastrophic consequences to the endpoint system […]
Threat Model and Security Considerations For Remote Workers
As the world faces uncertain times due to the spread of the COVID-19 (coronavirus) pandemic, organizations around the world […]
12 Steps to Secure Your Organization’s Office 365 Accounts Effectively
Recently, our incident response team at HAWKEYE received a frantic call from one of our clients saying that their O365 […]