PDBlaster: Making Bread from Attacker Breadcrumbs
Introduction Malware developers often leave unintentional hints about their development practices, goals, and identities in the executables they publish. These breadcrumbs can...
Understanding Nation-state Threat Actors with VECTR and MITRE ATT&CK
International political relationships sometimes have the potential to create an elevated risk of cyber-attacks. In light of recent events, there are escalated concerns about...
Closing the IoT Blind Spot
In many organizations, some of the most critical IT assets consist of specialized equipment which resides on a manufacturing floor or within research and development labs,...
PCI v4 and a ‘Customized’ Approach – PCI Community Meeting 2019 Insights
TL,DR; PCI v4 was previewed for the first-time during Day 1 of the PCI Community Meeting PCI v4 has significant changes and introduces a “Customized Approach” to achieve PCI...
PAM: High Impact, High Failure Rate
Privileged Account Management (PAM) is a critical function in a modern cyber security program. PAM programs have a high fail rate for a variety of reasons, including: Lack of...
Direct Access Memories: Subverting FDE with DMA Attacks
Tl;dr: By expanding on research, we were able to successfully gain full administrative access on a sample of laptops from corporate environments with Full Disk Encryption enabled...
Listen to the Cyber Kumite Podcast and Video Series
Each week we deliver new discussions about the cybersecurity industry, challenges, and best practices. CISOs and other security specialists join us to bring their insight on each topic.
Interested in what we do?
Explore our Advisory Services to learn how our team can help improve your cyber program.