Threat actors can abuse legitimate and even verified OAuth applications to conduct phishing attacks. Secureworks has developed the PhishInSuits tool to enable organizations to simulate these attacks and improve defenses. Read More
In various incidents, including Darkside and Snatch ransomware operations, threat actors leveraged Tor and Onion Services to create backdoors that gave them ongoing access to compromised networks. Read More
By leveraging a weak password and the ability to forward ports, an unauthenticated attacker could remotely execute code on systems running SonicWall Email Security Appliance versions through 10.0.2. Read More
The availability of up-to-date asset inventories and network diagrams, particularly for critical systems, can improve the efficiency and effectiveness of incident response and recovery efforts. Read More
Similarities between the SUPERNOVA activity and a previous compromise of the network suggest that SPIRAL was responsible for both intrusions and reveal information about the threat group. Read More
The exploitation of valuable zero-day vulnerabilities to deploy a well-known and widely detected malware is surprising behavior for government-sponsored threat groups. Read More
Now that threat hunting is recognized as an official discipline by NIST, Secureworks explains what that means for companies who want to implement threat hunting, supplement their own programs, or partner with others. Read More
This series of challenges required capture-the-flag (CTF) participants to use proxy logs, social media, and public services as they explored the compromise of a fictitious music promotion company. Read More
The capture-the-flag (CTF) competition at the Threat Intelligence Summit challenged participants in areas such as forensics, malware analysis, and threat intelligence. Read More
Combining the specialized skills from Secureworks® Incident Response and Adversarial Security Testing in a single engagement delivers results that supersede traditional delivery models. Read More
