Microsoft Entra ID: The Complete Guide to Conditional Access Policies

Microsoft Entra ID: The Complete Guide to Conditional Access Policies

Here it is – everything you need to know about using Entra ID’s Conditional Access policies to boost your identity security posture. Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based ...
A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity

A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity

| | Blog, research
Recently, the White House published a technical paper asking organizations to develop roadmaps for implementing memory safety in their software applications. The goal is to eliminate a broad class of software defects ...
Tax Season Phishing Surge: Cyber Exploits with AsyncRAT 

Tax Season Phishing Surge: Cyber Exploits with AsyncRAT 

| | Blog, research
Rise of AsyncRAT: Navigating Tax-Themed Cyber Threats and WinRAR Vulnerabilities  In the last few days, we have seen a rise of cyber attacks conducted by AsyncRAT focusing on ‘TAX attacks context.’ AsyncRAT is ...
Microsoft Entra ID: The Complete Guide to Conditional Access Policies

Microsoft Entra ID: The Complete Guide to Conditional Access Policies

Get everything you need to know about using EntraID Conditional Access policies to boost your identity security posture. The post Microsoft Entra ID: The Complete Guide to Conditional Access Policies appeared first ...
Don’t Play with Fire: Prioritize Zyxel Firewall Update to Fix Unreported Vulnerability

Don’t Play with Fire: Prioritize Zyxel Firewall Update to Fix Unreported Vulnerability

| | Blog, research
Our analysis has identified multiple vulnerabilities affecting Zyxel’s USG line of firewalls and VPN appliances running firmware versions 5.36 and below. The vulnerabilities can allow an unauthenticated attacker to force the admin ...
😉

A Guide to the Gartner IAM Summit in London

Get a checklist for 6 critical learning objectives for the event, and jump start your agenda planning with our top 10 analyst session picks. In just one week, Europe’s version of Gartner’s ...
😉

A Guide to the Gartner IAM Summit in London

Get a checklist for 6 critical learning objectives for the event, and jump start your agenda planning with our top 10 analyst session picks. In just one week, Europe’s version of Gartner’s ...

How ITDR Could Have Helped Microsoft in the Midnight Blizzard Hack

Identity-based attacks are on the rise, but they can be prevented with the right identity threat detection and response (ITDR) measures.  As winter crept in last year, so did identity threat actors ...
ADCS ESC13 Abuse Technique

ADCS ESC13 Abuse Technique

It is possible to configure an Active Directory Certificate Services (ADCS) certificate template with an issuance policy having an OID group link to a given AD group. This configuration makes AD treat ...
2023 State of Ransomware Report Summary

2023 Ransomware Attack Report

| | Ransomware, research
The 2023 ransomware attack report summarizes the major changes we saw in ransomware trends and tactics by geography, sector and variant ...