3 Key Critical Vulnerabilities and Mitigation Flows of Them

3 key critical vulnerabilities and mitigation flows that brought a 97% success rate during the last 70 internal pentests: Zerologon, LLMNR, NTLM RELAY and Print Spooler RCE. By UnderDefense. How to Protect Against LLMNR / NBT-NS Attacks, Zerologon, LLMNR, NTLM RELAY...
How to Detect CobaltStrike Command & Control Communication

By Bogdan Vennyk. CobaltStrike became part of the cybercrime “toolset” in almost every company breach. This growth is explained by the fact that CobaltStrike was leaked multiple times and became more accessible to malicious groups. Below are statistics made by...
Detecting DGA Domains: Machine Learning Approach

By Alexander Ragulin. In this post we are going to take a look at Domain Generation Algorithms (DGA) and an interesting way to detect them with the help of Deep Learning (LSTM neural net, to be precise). DGA domains are extensively used by many kinds of malware to...
How to protect from COVID-19 Cyber Attacks

By Mykhailo Pazyniuk. It is not news that the COVID-19 pandemic has influenced the lives of humanity in the XXI century. However, it has influenced not only health and the economy. Cyber criminals have been quick to exploit the situation of global remote. According to interview...
Detecting reconnaissance activity in your network

By Bogdan Vennyk. One of the main services we provide at UnderDefense is 24×7 Monitoring with our Security Operation Center (SOC), and a critical part of a great SOC is …, RIGHT! – its detection capabilities. That is why we are continuously working on...
N-day exploit development and upgrade to RCE

[CVE-2018-6231] Trend Micro Smart Protection Server Bypass Vulnerability + Code Execution. By Taras Zelyk, Serhiy Sych, Bogdan Vennyk. “At UnderDefense we are not only hunting for vulnerabilities and analyzing their patches but also developing exploits for N-day...