Active Directory PKI Abuse: Detecting Privilege Escalation Through ADCS
Active Directory Certificate Services (ADCS) serves as the backbone for Public Key Infrastructure (PKI) in enterprise environments, managing digital certificates […]
How Attackers Leverage Proofpoint and Intermedia Link Wrapping for Phishing Campaigns
Email security technologies are designed to safeguard users by scanning and rewriting suspicious URLs, ensuring that malicious destinations are identified […]
FortiGate Devices Targeted by Persistent Symlink Backdoor: Over 16,000 Devices Compromised
FortiGate devices have become a target for cybercriminals due to a critical symlink vulnerability in FortiOS. With over 16,000 devices […]
Microsoft November 2024 Patch Tuesday – Critical Updates and Key Vulnerabilities
Introduction Microsoft’s November 2024 Patch Tuesday addresses 87 vulnerabilities across its software suite, including critical zero-day vulnerabilities actively exploited in […]
Detecting and Mitigating Lateral Movement
Background Lateral movement refers to a post-exploitation activity in which a threat actor attempts to penetrate adjacent devices. After acquiring […]
September 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s September 2024 Patch Tuesday rollout includes security patches for 79 vulnerabilities. Among these are four zero-days that are […]
CVE-2024-37085: VMware ESXi Hypervisor Vulnerability Exploited by Ransomware Groups
Background On Monday, July 29, Microsoft issued a comprehensive threat intelligence blog detailing the observed exploitation of CVE-2024-37085, an Active […]
Recent CrowdStrike Outage and It Being Abused
Background On Friday, 19 July 2024, a critical disruption was unintentionally caused across several infrastructures and organizations by a regular […]
Alert Advisory: Analysis of the Microsoft Storm-0558 SaaS Breach
The operators of Storm-0558 stole a Microsoft account (MSA) consumer signing key to forge tokens for Azure Active Directory (AD) […]
CSOC Analysts Cybersecurity Toolkit Arsenal
It is safe to say that organizations worldwide have different infrastructure setups, technology, software, and different network architecture types. No […]