Network Security

Peeking into CVE-2021-40444 | MS Office Zero-Day Vulnerability Exploited in the Wild

Microsoft Office has long been a common attack vector, with abuse of its macro functionality a firm favorite of phishing and malspam attacks. These typically attempt to infect users through maliciously crafted Word or Excel files received as an attachment or as a download link via email. Macro-based attacks, however, require an extra social engineering …

HiveNightmare | Protecting Windows 10 Security Account Manager Against CVE-2021-36934

It has been a tough few weeks for many enterprise security teams fighting a series of severe bugs in Microsoft Windows 10. Shortly after being ‘all hands on deck’ dealing with the remote code execution (RCE) vulnerability dubbed PrintNightmare, IT admins and security teams were plunged into another unexpected crisis thanks to the emergence of …

Log4j One Month On | Crimeware and Exploitation Roundup

It has been 31 days since the initial public disclosure of a critical remote code execution (RCE) vulnerability in the Apache Log4j logging library that upended enterprise security at the close of 2021. In that time, since the initial CVE-2021-44228 (critical), we’ve already seen five more related CVEs: CVE-2021-45046 (critical), CVE-2021-4104 (high), CVE-2021-42550 (moderate), CVE-2021-45105 …

Understanding XDR | A Guided Approach for Enterprise Leaders

Cyber adversaries operate with a level of finesse and precision that can catch organizations off guard. In seconds, they can lure unsuspecting employees or partners with malicious files, exploit existing vulnerabilities to breach a network, and start moving laterally within a system to up their credentials. The impact of ransomware attacks extends beyond mere disruption; …

The Good, the Bad and the Ugly in Cybersecurity – Week 32

The Good | White House Launches AI-Centric Cybersecurity Contest to Protect US Entities

The Biden-Harris administration this week announced a new hacking challenge with the purpose of using artificial intelligence (AI) to protect critical US infrastructure from growing cybersecurity threats. In collaboration with tech companies such as OpenAI and Anthropic who are making their technology …

Day 2 of Black Hat USA 2023 | Exploring The Power of a Threat Intel & AI-Driven Future

What a few days it was at this year’s Black Hat cyber event in sunny Las Vegas! The stunning SentinelOne booth welcomed thousands of visitors who came to learn about PurpleAI, our newly launched Ranger Insights console, and all the ways the Singularity platform helps organizations protect their endpoints, secure their cloud, and unify their data. …

Day 1 of Black Hat USA 2023 | Generative AI, Automation & The Security Landscape of Tomorrow

SentinelOne has landed in Vegas for this year’s Black Hat security conference! Each year, Black Hat invites security gurus, researchers, hackers, and cyber enthusiasts from around the world to join in on two days of keynotes by industry leaders as well as cutting-edge presentations and exclusive tech demos. We’ll be sure to keep you in the …

LOLKEK Unmasked | An In-Depth Analysis of New Samples and Evolving Tactics

Awareness of the newest shifts and patterns is vital in the fast-changing world of cyber threats. This rings particularly true with ransomware, known for its quick changes and intricate tactics. This past August, our MDR team at SentinelOne stumbled upon something unusual in the wild: new instances of LOLKEK, or GlobeImposter as it’s also known, …

Enterprise Security Essentials | Top 12 Most Routinely Exploited Vulnerabilities

Leveraging known bugs and unpatched exploits continues to be an unyielding strategy for threat actors. Ranging from security bypasses and credential exposure to remote code execution, software vulnerabilities remain tools of the trade for cyber attackers looking for a way into lucrative systems. While new flaws found in Active Directory and the MOVEit file transfer …
