MFA Protection for Air-Gapped Networks

The recent cyberattacks launched as part of the Russia-Ukraine war have reawakened concerns about the security of air-gapped networks, particularly regarding identity protection. Air gapping is implemented to reduce the attack surface of a highly sensitive network, such as the ones found in nations’ critical infrastructure, military and governmental environments, and manufacturing shop floors. These […]

Open Sourcing Our Lateral Movement Detection Tool: LATMA

Collect authentication traffic from Active Directory, create a detailed report (and GIF) that outlines lateral movement patterns. Lateral movement detection is a challenge every cybersecurity researcher is likely familiar with. My team and I faced this challenge a few months ago and, unsurprisingly, quickly discovered there is no easy or fast solution to address it. […]

MGM Breach Takeaway: On-Prem Has Become Attackers’ Gateway to the Cloud

Last week, the BlackCat ransomware group (also known as ALPHV) attacked the operations of MGM Resorts and forced them to shut down their IT systems. What sets this attack apart from more traditional ransomware attacks is that at a certain point attackers were able to leverage their domain dominance of the on-prem environment to compromise […]

Silverfort Protection Against CVE-2023-23397 Outlook Zero Day

In the latest Patch Tuesday, Microsoft released a patch for the CVE-2023-23397 zero day in Outlook, which was reported to be exploited in the wild. Exploitation of this vulnerability enables an adversary to grab NTLM hashes (equivalent to user credentials) from the targeted machine and use them for malicious access to other machines in the environment. […]