research
Microsoft Entra ID: The Complete Guide to Conditional Access Policies
Here it is – everything you need to know about using Entra ID’s Conditional Access policies to boost your identity security posture. Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based ...
A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity
Recently, the White House published a technical paper asking organizations to develop roadmaps for implementing memory safety in their software applications. The goal is to eliminate a broad class of software defects ...
Tax Season Phishing Surge: Cyber Exploits with AsyncRAT
Rise of AsyncRAT: Navigating Tax-Themed Cyber Threats and WinRAR Vulnerabilities In the last few days, we have seen a rise of cyber attacks conducted by AsyncRAT focusing on ‘TAX attacks context.’ AsyncRAT is ...
Microsoft Entra ID: The Complete Guide to Conditional Access Policies
Get everything you need to know about using EntraID Conditional Access policies to boost your identity security posture. The post Microsoft Entra ID: The Complete Guide to Conditional Access Policies appeared first ...
Don’t Play with Fire: Prioritize Zyxel Firewall Update to Fix Unreported Vulnerability
Our analysis has identified multiple vulnerabilities affecting Zyxel’s USG line of firewalls and VPN appliances running firmware versions 5.36 and below. The vulnerabilities can allow an unauthenticated attacker to force the admin ...
A Guide to the Gartner IAM Summit in London
Get a checklist for 6 critical learning objectives for the event, and jump start your agenda planning with our top 10 analyst session picks. In just one week, Europe’s version of Gartner’s ...
A Guide to the Gartner IAM Summit in London
Get a checklist for 6 critical learning objectives for the event, and jump start your agenda planning with our top 10 analyst session picks. In just one week, Europe’s version of Gartner’s ...
How ITDR Could Have Helped Microsoft in the Midnight Blizzard Hack
Identity-based attacks are on the rise, but they can be prevented with the right identity threat detection and response (ITDR) measures. As winter crept in last year, so did identity threat actors ...
ADCS ESC13 Abuse Technique
It is possible to configure an Active Directory Certificate Services (ADCS) certificate template with an issuance policy having an OID group link to a given AD group. This configuration makes AD treat ...
2023 Ransomware Attack Report
The 2023 ransomware attack report summarizes the major changes we saw in ransomware trends and tactics by geography, sector and variant ...