Mission Statement

Our ongoing mission is to monitor the constantly-shifting threat landscape, conducting security investigations and developing detection methods for the latest real-world cyberattacks.

We provide advanced security expertise for our customers' security operations, including threat hunting and incident response. We also share our expertise with the wider community through Threat Research Reports in order to help you better understand, detect, and protect yourself against the latest real-world cyberattacks.

Latest in Securonix Threat Research

From Zero to DC: New Zerologon Attack Variants (CVE-2020-1472) Exploitation and Detection Distilled

Some security experts are calling the new CVSS 10/10 Windows Zerologon EP (ZEP) Vulnerability (CVE-2020-1472) the GenZ/Alpha variant of the good ol' GenX/Y MS08-067.

As you probably know, there are *multiple* vectors to exploit ZEP, not only via the native direct DC password reset, but also, e.g., via DRSUAPI relay *w/o the need to reset DC m/a password* (see https://dirkjanm.io/a-different-way-of-abusing-zerologon/, for instance).

In this report, the Securonix Threat Research Team has distilled some of the latest technical insights from real-world exploitation of ZEP, from both red team/opsec and blue team/detection standpoints.

Threat Research

Detecting WastedLocker Ransomware Using Security Analytics

Threat Research

Securing Your Remote Workforce - Detecting Teleconferencing Tools Attacks in the Work-From-Home (WFH) World - Part 2

Threat Research

Securing Your Remote Workforce - Detecting the Latest Cyberattacks in the Work-From-Home (WFH) World: Part 1

Threat Research

Detecting High-Impact Targeted Cloud/MSP $14M+ Ryuk and REvil Ransomware Attacks
