Blogs about Cyber

Q:CYBER spots lateral movement as used in the SolarWinds (Sunburst) calamity

by QOMPLX Staff | 25 days ago

QOMPLX’s leading Q:CYBER software suite detections include Kerberoasting and Golden Ticket attacks, both of which have been reported as being leveraged during lateral movement phases against federal agencies and commercial entities over the course of several months.

Microsoft to CIOs: Drop Dead

by Andrew Jaquith | a month ago

In its new guidance, Microsoft has declared Active Directory Red Forest dead, urging customers to put “Zero Trust” everywhere with a heavy dose of Azure Active Directory and an embrace of the Microsoft cloud, which requires the costly E5 enterprise license. Enterprises should worry.

Latest CISA Warning Hints At Worst Case Scenario In Russia Hack

by Andrew Jaquith, Paul Roberts | a month ago

Federal agencies are advised to counter “Kerberoasting and forged TGT” attacks—suggesting a worst-case scenario for federal IT networks.

CISA Warns: Distance Learning Boosts K-12 Cyber Risk

by Paul Roberts | a month ago

Distance learning has profound cyber security implications for K-12 school districts, the U.S. Government’s Cybersecurity and Infrastructure Security Agency (CISA) warned last week.

JavaScript to Scala: Migration of a Self-Taught Engineer

by Geoffrey Yip | a month ago

After about a year of coding professionally, I bravely and stupidly thought I could make the jump from JavaScript to Scala. I had no experience in Java. I had no CS degree. And I had never done server-side programming before.

Q:CYBER Translating Sigma Rules

by QOMPLX Staff | a month ago

We explore how to use the open-source Sigma signature rule specification in Q:CYBER.

Q:CYBER Using Windowed Rules for Advanced Detection

by QOMPLX Staff | a month ago

We cover how to create windowed rules that can be applied to address advanced threat detection challenges.
