IT Pros

Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP). What that jargon means is that you can...

Mshta and rundll32, the Windows binaries that Koadic leverages, have been long known to hackers. If you take a peek at Mitre’s ATT&CK database, you’ll see that rundll32 has been...

It’s a perfect time to be CISM or CISSP certified, or have any cybersecurity certification: according to Gartner, the unemployment rate for cybersecurity professionals is zero – as in there...

In my epic series on Windows binaries that have dual uses– talkin’ to you rundll32 and mshta — I showed how hackers can stealthy download and launch remote script-based malware....

When we left off last, I showed how it’s possible to run VBScript directly from mshta. I can play a similar trick with another LoL-ware binary, our old friend rundll32....

Like the rest of the IT security world last week, I had to stop everything I was doing to delve into the latest Verizon Data Breach Investigations Report. I spent...

Cybersecurity has a gender gap. According to the 2017 Women in Cybersecurity study, a joint venture between the Center for Cyber Safety and Education and the Executive Women’s Forum on...

In this series of post, we’ve been exploring attack techniques that involve minimal efforts on the part of hackers. With the lazy code-free approach I introduced last time, it’s even possible to...

For this next post, I was all ready to dive into a more complicated fileless attack scenario involving multiple stages and persistence. Then I came across an incredibly simple code-free...

A well-constructed Merger & Acquisition (M&A) playbook reduces the overall time, cost and risk of the upcoming merger and/or acquisition. Gartner advises that organizations who intend to grow through acquisitions...