How To Overcome Active Directory Exploits And Prevent Attacks
According to Gartner, “It is critical to make concentrated efforts to comprehensively secure and monitor Active Directory, proactively look for…
Webinars
Prevent cyber attacks in Azure before they happen
Misconfigurations within Azure environments are more common than you think. It’s important to learn and understand how attackers can exploit…
Webinars
Decrypting VMware Workstation Passwords for Fun
Overview At XM Cyber, we have been hard at work on the techniques that attackers use against your VMware environments.…
Blog
The XM Cyber 2022 Attack Path Management Impact Report
The industry’s first annual attack path management research report is here! The XM Cyber research team analyzed nearly 2 million…
Blog
XM Cyber Advisory – Spring4Shell, Zero Day
Overview On March 30, A new zero day critical vulnerability was leaked in another open source software library. The vulnerability…
Blog
New Privilege Escalation Techniques are Compromising your Google Cloud Platform
In this research you’ll discover some of the common attack techniques used in Google Cloud Platform (GCP) to better understand…
Blog
XMGoat – An Open Source Pentesting Tool for Azure
Overview We created XMGoat as an open source tool with the purpose of teaching penetration testers, red teamers, security…
Blog
Introducing MacHound: A Solution to MacOS Active Directory-Based Attacks
As a security researcher at XM Cyber, designing core product support for MacOS was one of my goals last year.…
Blog
Lessons Learned from the SolarWinds SUNBURST Attack
Should We Prioritize Detection or Prevention? The XM Factor Is Needed. In 1736, Benjamin Franklin famously advised fire-threatened Philadelphians that…
Blog
Here’s How the Recent SolarWinds Supply Chain Attack Could Be Easily Stopped
A Cybersecurity Vaccine Exists – and It Is 99% Effective. Learn How to Inoculate Your Organization From Attacks in 2021…
Blog
What Are Common Targets for Advanced Persistent Threats (APT)?
Few things give cybersecurity defenders more anxiety than the prospect of an attack by an Advanced Persistent Threat (APT). Unlike…
Blog
SSH & SSL — Step-siblings or Rivals?
People often wonder whether SSH uses SSL/TLS for traffic encryption. The short answer is NO, even though both protocols have…
Blog
See XM Cyber In Action
