January 20-22, 2023 ShmooCon is an annual Cybersecurity Convention located in Washington D.C. Attending industry recognized Security Conferences offer a tremendous learning opportunity for our team. Every year Shmoocon offers numerous...
Summary: Back at the start of August 2022, members of GTSC came across an attack where Microsoft Exchange was actively being targeted. They were able to verify that the attack...
On 5/27/22 security research team, Nao_sec identified a malicious Word document in the wild, that appeared to be leveraging the “MS-MSDT” (Microsoft Support Diagnostic Tool) protocol to execute Powershell code....
Summary: On Dec. 9, 2021, Proof of Concept exploitation code for the remote code execution (RCE) vulnerability (CVE-2021-44228) in Apache Log4j was published to GitHub. Shortly thereafter, there was evidence...
Summary: Window’s Print Spooler is run by default on all supported Windows operating system versions as it is a legitimate application that manages the printing process on Windows hosts. The...
Summary: On 07/02/2021, Kaseya disclosed an ongoing attack exploiting on-premise Kaseya VSA servers, along with an advisory to their customers to immediately shut down VSA servers until further notice. Current...
Summary: On 3/2/21, security researchers at Volexity released a blog with their findings following their discovery of four new Microsoft Exchange Server 0-day vulnerabilities. Volexity first detected exploitation in one...
Summary: Last Friday (1/22/21), SonicWall released a statement via their blog that they had been subject to a highly sophisticated and coordinated cyber-attack that appeared to have leveraged possible zero-day...
Summary: As of 12/15/20, there have been several high-profile breaches in the media, recently from the U.S Treasury and Commerce departments (12/13) to Information Security company FireEye (12/7). When reports...
Federal agencies have issued an unprecedented warning against “an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The joint cybersecurity advisory was published from the Cybersecurity Infrastructure...