After the breach : Garmin and WastedLocker

July 28, 2020 This week, we saw a very public example of a ransomware attack on Garmin, with their production services and products going offline from July 23rd – 27th. Garmin, with a market cap of $19 Billion saw the attack impact everything from their manufacturing activities to their consumer and commercial services. Garmin’s public-facing […]

Your Next Ransomware Risk: Zerologon

September 23, 2020 Last week, a new exploitable vulnerability in Microsoft Active Directory called Zerologon (CVE-2020-1472), was released publicly. Successful exploitation allows any user to become a Domain Administrator with global access to all computers in the enterprise in about 10 seconds. The vulnerability opens a quick path for criminal actors to conduct crippling business-wide […]

Zerologon—The Aftermath

February 16, 2021 In September, we brought you news of a new exploitable vulnerability in the Microsoft Active Directory—Zerologon—also tracked as CVE-2020-1472. Zerologon impacts the Netlogon Remote Protocol for Window Servers and allows any user to become a Domain Administrator with global access to all systems and networks in the enterprise—in less than 30 seconds. This […]

Microsoft Exchange Zero-Day Vulnerability Exposes Companies Globally

March 15, 2021 Criminal and nation-state actors are exploiting at least four new zero-day vulnerabilities in Microsoft Exchange Server. Patches were released earlier this month, but not after months of active exploitation by a number of threat actors. Volexity and Microsoft report that a group known as “Hafnium” (allegedly affiliated with the Chinese government) were […]