3 key critical vulnerabilities and mitigation flows that brought 97% success rate during the last 70 internal pentests Zerologon, LLMNR,NTLM RELAY and Print Spooler RCE By UnderDefense How to Protect Against LLMNR / NBT-NS Attacks, Zerologon, LLMNR,NTLM RELAY...
How to detect CobaltStrike Command & Control communication By Bogdan Vennyk CobaltStrike became part of the Cybercrime’s “toolset” almost in every Company breach. This growth is explained by the fact that CobaltStrike was leaked multiple times and became more...
Detecting DGA domains: Machine Learning approach By Alexander Ragulin In this post we are going to take a look at Domain Generation Algorithms (DGA) and an interesting way to detect them with the help of Deep Learning (LSTM neural net, to be precise). DGA domains are...
How to protect from COVID-19 Cyber Attacks: Practical Use-Case By Mykhailo Pazyniuk It is not new that COVID-19 pandemic influenced the lives of humanity in the XXI century. However, it has influenced not only health and economy. Cyber criminals have been quick to...
Detecting reconnaissance activity in your network By Bogdan Vennyk One of the main services we provide at UnderDefense is 24×7 Monitoring with our Security Operation Center (SOC) and a critical part of great SOC is …, RIGHT! – its detection...
Write-up:N-day exploit development and upgrade to RCE [CVE-2018-6231] Trend Micro Smart Protection Server Bypass Vulnerability + Code Execution By Taras Zelyk, Serhiy Sych, Bogdan Vennyk “At UnderDefense we are not only hunting for vulnerabilities and analyzing their...
