Product Update: Duo Detections
Blumira’s incident detection engineering (IDE) team not only creates new detections to protect our customers from the latest threat actor trends and attack techniques, but we rev...
Read MoreSIEM Alerts To Expect During a Pentest
Passing a penetration test, or pentest, is a good sign that you have the right controls in place to detect a real security threat. When you engage with a pentesting or vulne...
Read MorePrintNightmare (CVE-2021-1675 and CVE 2021-34527) Explained
What Happened? Proof-of-concept exploit code was published on Github on June 29, 2021 for a vulnerability (CVE-2021-1675) in Print Spooler (spoolsv.exe), a Windows program that ma...
Read MoreHow To Test Antivirus and EDR Software: A Complete Guide
At Blumira, we regularly onboard new technologies to help our customers integrate their existing security solutions with our cloud SIEM. This means we often need to test new endpoi...
Read MoreHow To Detect Password Lists With Blumira
With an increase in fileless malware’s usage in recent years, there's a growing need to practice security hygiene with secure storage of business credentials as a key component.�...
Read MoreHow to Detect Web Shells With a SIEM
During the recent campaign targeting Microsoft Exchange OWA vulnerabilities, one piece of tradecraft came up again and again. Threat actors deployed web shells that were potentiall...
Read MoreCritical VMware vCenter RCE (CVE-2021-21972) Exploits Released
What Happened Positive Technologies discovered a vulnerability in VMware vCenter/vSphere that allows an unauthenticated attacker to remotely execute code on the VMware hypervisor ...
Read MoreDetecting SolarWinds & Ransomware Attacks With Process Monitoring
While most organizations have antivirus and firewall solutions, modern attacks such as those seen in the SolarWinds campaign and large-scale ransomware attacks delivered by commodi...
Read More