Sign In
Zerologon is a Big Deal. Here’s Why.
by Paul Roberts | 2 days ago
The Microsoft vulnerability dubbed Zerologon is a 10-on-a-10-scale critical flaw in Windows Netlogon. We explain what you need to know about this serious, new vulnerability.
QOMPLX Knowledge: 5 Ways Attackers Bypass Microsoft Azure ATP
by QOMPLX | 8 days ago
Microsoft’s Azure Advanced Threat Protection (ATP) is useful for detecting a range of attacks on Active Directory. But it has some serious shortcomings. Here are five ways attackers bypass ATP to wreak havoc.
The Future of Cyber Insurance Policies
by Anna Rose Greenberg | 9 days ago
What is the future of cyber insurance policies? A recent blog featuring Nick Economidis and comments by Mark Silvestri lay out what needs to happen for the cyber insurance field to grow.
Modeling Matchups - Diving into the Massive Spreads in Laura’s Loss Estimates
by Jason Crabtree, Steve Smith | 14 days ago
Hurricane Laura was one of the most powerful storms in U.S. history, leaving widespread destruction. However, loss assessments from various modeling companies have been inconsistent. What causes this disparity, and how can QOMPLX help to solve the problem? Read More
Privilege Escalation Features Pop Up In More Malware Variants
by Paul Roberts | 24 days ago
The new DarkSide ransomware variant and Lucifer’s Spawn, a DDoS and crypto-jacking tool, have one thing in common: privilege escalation features designed to fuel lateral movement.
Konica Minolta Latest Victim of Human Operated Ransomware
by Paul Roberts | a month ago
The new ransomware family RansomEXX is suspected in the hack of Konica Minolta, its second prominent victim in a month. Evidence suggests that human directed attacks are becoming more stealthy and effective.
QOMPLX Knowledge: Understanding Pass The Hash Attacks
by QOMPLX | a month ago
Pass the Hash attacks are one of the most common methods of lateral movement within compromised IT environments. In this QOMPLX Knowledge blog post we do a deep-dive on this common form of attack and lateral movement.
QOMPLX Knowledge: NTLM Relay Attacks Explained
by QOMPLX | a month ago
NTLM relay attacks allow malicious actors to carry out man-in-the-middle attacks to steal hashed versions of user credentials which are then 'relayed' for use accessing other network resources.