Get a demo
    Augment your Windows and EDR telemetry with Sysmon
    Augment your Windows and EDR telemetry with Sysmon

    Sysmon (System Monitor) is one of the popular tools from Sysinternals for monitoring and logging...
    Emerging Threats: ChromeLoader: A rise in malvertisers
    Emerging Threats: ChromeLoader: A rise in malverti...

    This blog post provides an overview of the research conducted on a surge of increasing threat -...
    Detecting Atlassian confluence remote code execution vulnerability (CVE-2022-26134) in Logpoint
    Detecting Atlassian confluence remote code executi...

    by Bhabesh Raj Rai, Security Research On June 2, 2022, Atlassian released a security advisory for a...
    Detecting Follina: Microsoft Office remote code execution zero-day
    Detecting Follina: Microsoft Office remote code ex...

    On May 27, 2022, a security researcher highlighted a malicious document submitted to VirusTotal...
    Detecting high severity AD privilege escalation vulnerability
    Detecting high severity AD privilege escalation vu...

    In this month’s patch Tuesday, Microsoft fixed a high severity privilege escalation vulnerability...
    Emerging Threats: Buzz of the Bumblebee – A new malicious loader
    Emerging Threats: Buzz of the Bumblebee – A new ma...

    This blog post provides an overview of the research conducted on a new malicious loader dubbed...
    Hunting and remediating ngrok tunnels using Logpoint
    Hunting and remediating ngrok tunnels using Logpoi...

    Among developers, ngrok is a popular reverse proxy utility for exposing internal services to the...
    In-depth look at the NetWalker ransomware operators
    In-depth look at the NetWalker ransomware operator...

    by Gustav Elkjær Rødsgaard, Junior Security Analyst In 2019 Netwalker, a type of ransomware that is...
    Detecting malicious macros is a vital tool in the fight against malware
    Detecting malicious macros is a vital tool in the ...

    by Bhabesh Raj Rai, Security Research Even the most sophisticated and advanced state-sponsored...
    Detecting PwnKit local privilege escalation vulnerability
    Detecting PwnKit local privilege escalation vulner...

    by Bhabesh Raj Rai, Security Research Department On January 25, 2022, Qualys disclosed the details...
    Detecting, investigating and mitigating privilege escalation vulnerabilities to prevent full AD control
    Detecting, investigating and mitigating privilege ...

    Recent Active Directory (AD) privilege escalation vulnerabilities allow standard domain users to...
    Detecting Log4Shell requires more than just a SIEM
    Detecting Log4Shell requires more than just a SIEM

    The Log4Shell exploit is serious - it's difficult to detect, used in lots and lots of software and...