What Happened? Microsoft recently published two critical CVEs related to Active Directory (CVE-2021-42278 and CVE-2021-42287), which, when combined by a malicious actor, could lead to privilege escalation with a direct path to a compromised domain. In mid-December 2021, a public exploit that combined these two Microsoft Active Directory design flaws (also referred to as “noPac”) … [Read more...] about noPac Exploit: Microsoft AD Flaw May Lead to Total Domain Compromise
This blog was originally published Oct. 1, 2021 on humio.com. Humio is a CrowdStrike Company. What is an indicator of compromise (IOC)? An indicator of compromise (IOC) is a piece of digital forensics that suggests that an endpoint or network may have been breached. The ability to monitor for indicators of compromise is critical to a comprehensive cybersecurity strategy, … [Read more...] about Extend Threat Visibility With Humio’s Integration With CrowdStrike’s Indicators of Compromise (IOCs)
Business Email Compromise (BEC) is an ever-evolving and rampant form of cybercrime that uses email as the medium to conduct fraud. Targeting commercial, government, and non-profit organizations, BEC can lead to huge amounts of data loss, security breaches, and compromised financial assets. It is a common misconception that cybercriminals usually lay their … [Read more...] about How to Fight Business Email Compromise (BEC) with Email Authentication?
Threat Research: This blog post was authored by Nick Biasini and Edmund Brumaghin of Cisco Talos. Executive Summary: With the U.S. presidential primaries just around the corner, even malware authors can’t help but get behind the frenzy. Cisco Talos recently discovered several malware distribution campaigns where the adversaries were utilizing … [Read more...] about How Adversaries Use Politics for Compromise