In-depth analysis of malware, exploits, and defense strategies. Stay ahead of emerging threats with expert research from the SAFE Cyberdefense team.
Explore ResearchOur most impactful and widely-read threat analyses.
Attackers can leverage legitimate Microsoft signed binaries to load and inject malicious DLLs into running processes, effectively bypassing application whitelisting and endpoint security.
Advanced malware can execute PowerShell commands without ever calling powershell.exe, effectively bypassing many endpoint security solutions. This research explores the techniques used and how to defend against them.
NotPetya was one of the most devastating cyber attacks in history, causing over $10 billion in damages worldwide. Our technical analysis reveals why it was designed as a wiper, not ransomware.
Recent publications from our cybersecurity research team.
Learn how to minimize the critical time between vulnerability disclosure and patching to protect your enterprise from known exploits and reduce the N-day risk window.
Following a significant retail chain attack, this article delves into the critical post-breach analysis process. Learn how meticulous investigation of digital skirmishes provides vital lessons …
PowerShell's immense power makes it a prime target for adversaries. Learn how advanced persistent threats bypass Constrained Language Mode (CLM) using runspaces and discover critical …
Explore the critical debate between application whitelisting and behavioral analysis in endpoint security. Discover which strategy offers superior protection against today's evolving cyber threats, from …
As traditional cybersecurity defenses falter against advanced threats like ransomware and zero-day exploits, robust endpoint security is crucial. This article delves into two proactive strategies: …
Discover how meticulous digital forensics and registry hive investigation techniques are crucial for swift incident response, allowing reconstruction of events, identification of attacker methods, and …