Threat Advisory
DTEX i3 Threat Advisory Provides Detections for LOTL, C2 Abuse
Workspace applications are increasingly being weaponized as a Living off the Land (LOTL) technique, as threat actors find new ways to break in and execute attacks. The DTEX i3 Team has issued ...
DTEX i³ Issues Threat Advisory for Detecting the Use of Multiple Identities
The DTEX i3 team has issued a new Threat Advisory following recent investigations linking the use of multiple personal accounts on corporate devices with side gigs and the spread of extremist materials ...
BianLian GOs for PowerShell After TeamCity Exploitation
Contributors: Justin Timothy, Threat Intelligence Consultant; Gabe Renfro, DFIR Advisory Consultant; Keven Murphy, DFIR Principal Consultant. Introduction: Ever since Avast […] ...
DTEX i³ Issues Threat Advisory for Mitigating Insider Abuse of Insecure Web Apps
Web applications offer powerful workforce efficiencies, but they are not without their risks. Misconfiguration of web applications can open the door to insider abuse or misuse, throwing sensitive company data and employee ...
Crawl, Walk, Run: How to Kickstart your Insider Risk Program
Insider risk incidents are on the rise, and critical infrastructure is increasingly being targeted. As 2023 nears, we believe establishing an Insider Risk Program should be a top priority. Off the back ...
GuidePoint Security researcher discovers vulnerability in the integrity of common HMI client-server protocol
What if you could no longer trust the critical process values displayed on your HMI screen? Executive Summary: When operating […] ...
A New Day, A New Warning: HHS Issues Guidance to HPH Sector About Insider Threats in Healthcare
Earlier this month the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) issued a report on the risk to the healthcare sector from malicious insiders. Why now? The ...