Real-World Examples of Detecting Attacks with Sysmon
Sysmon provides detailed system, process, and network activity logging that Windows itself does not natively provide. This extra visibility has helped security teams detect many re...
Security Detection Update – 2024-02-27
Hello World! Welcome to our weekly security detection and report update. Our Incident Detection Engineering (IDE) Team is constantly hard ...
Ivanti Connect Secure VPN & Policy Secure Vulnerabilities
What Happened? Researchers have released and reported active exploitation of a collection of four different vu...
Why You Should Migrate From On-Premise Exchange
Writing this article takes me back to my first IT job out of college. I worked at a small ISP that also hosted email, web servers, backups, and other MSP services (before we called...
Masked Application Attack Incident Report
Executive Summary On November 20, 2023, Blumira produced three findings that led to a Security Incident investigation regarding remote code being run on two separate XYZ Company h...
The steps municipalities can take to prepare for rising cyberattacks
This blog post was originally posted in BetaNews. Cyberattacks are on the rise across all industries, but the history of the public sector’s weaker protections makes it an inc...
DEF CON 31’s Top Security Talks for Mid-Sized Firms
DEF CON is the world's largest annual hacker conference, and it's a great place to learn about the latest security threats and how to protect your organization. This year's con...
Authentication Protocols 101: NTLM, Kerberos, LDAP and RADIUS
Establishing the right authentication protocol for your business is one way to achieve better security, but the process can be overwhelming. We’ll walk you through some comm...
How To Detect SYSVOL Enumeration Exploits
SYSVOL is a target for attackers who want to gain unauthorized access to the domain. An attacker accessing a domain is catastrophic to any organization. We commonly see early stage...
What Are Event Logs and Why Do They Matter?
Logs are everywhere -- which is good because they're a critical piece of operations work in computing, whether you work in DevOps, security operations, or IT operations. Analyzi...