CVE-2021-31956: Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-31956 [HIGH] CWE-191 Microsoft Windows NTFS Privilege Escalation Vulnerability Vulnerability: Microsoft Windows NTFS Privilege Escalation Vulnerability Affected: Microsoft Windows Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application. Required Action: Apply updates per vendor instructions. Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-31956 Remediation Due Date: 2021-11-17

CVE-2021-31956 [HIGH] Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file. Windows NTFS: Windows NTFS Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Ex

CVE-2016-4654 The More You Know, The More You Know You Don’t Know - Project Zero A Year in Review of 0-days Used In-the-Wild in 2021 Posted by Maddie Stone, Google Project Zero This is our third annual year in review of 0-days exploited in-the-wild [2020, 2019]. Each year we’ve looked back at all of the detected and disclosed in-the-wild 0-days as a group and synthesized what we think the trends and takeaways are. The goal of this report is not to detail each individual exploit, but instead to analyze the exploits from the year as a group, looking for trends, gaps, lessons learned, successes, etc. If you’re interested in the analysis of individual exploits, please check out our root cause analysis repository. We perform and share this analysis in order to make 0-day hard. We want it to be more costly, more resource intensive, and overall more difficult for

CVE-2021-31956 [HIGH] Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-31956 [HIGH] CWE-191 Microsoft Windows NTFS Privilege Escalation Vulnerability Microsoft Windows NTFS Privilege Escalation Vulnerability Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application. Affected: Microsoft Windows Required Action: Apply updates per vendor instructions. Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://api.msrc.microsoft.com/cvrf/v3.0/cvrf/2021-Jun; https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json Exploit PoC: https://vulncheck.com/xdb/736c14a7215d; https://vulncheck.com/xdb/189db9bb950f; https://vulncheck.com/xdb/ef8974070480 Remediation Due: 20

[HIGH] CVE-2022-37969 | Windows CLFS Zero-Day - Zscaler Blog Provide users with seamless, secure, reliable access to applications and data. Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud. Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems. Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners. Industry Report Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE) USE CASES INDUSTRY & MARKET SOLUTIONS PARTNERS TECHNOLOGY PARTNERS Resource Center Events & Trainings Security Research & Services Tools Community & Support CXO REVOLUTIONARIES Amplifying the voices of real-world digital and zero trust pioneers Discover how it began and where it’s going Meet o

Ten most mysterious APT campaigns that remain unattributed Table of Contents - 1. Project TajMahal - 2. DarkUniverse - 3. PuzzleMaker - 4. ProjectSauron (aka Strider) - 5. USB Thief - 6. TENSHO (aka White Tur) - 7. PlexingEagle - 8. SinSono - 9. MagicScroll (aka AcidBox) - 10. Metador - Conclusion Authors - Costin Raiu Targeted attack attribution is always a tricky thing, and in general, we believe that attribution is best left to law enforcement agencies. The reason is that, while in 90% of cases it is possible to understand a few things about the attackers, such as their native language or even location, the remaining 10% can lead to embarrassing attribution errors or worse. High-profile actors make every effort to stay undetected inside the victim’s infrastructure and to leave as few traces as they can. They implement a variety of techniqu

TOP 10 unattributed APT mysteries Table of Contents 1. Project TajMahal 2. DarkUniverse 3. PuzzleMaker 4. ProjectSauron (aka Strider) 5. USB Thief 6. TENSHO (aka White Tur) 7. PlexingEagle 8. SinSono 9. MagicScroll (aka AcidBox) 10. Metador Conclusion Authors Costin Raiu Targeted attack attribution is always a tricky thing, and in general, we believe that attribution is best left to law enforcement agencies. The reason is that, while in 90% of cases it is possible to understand a few things about the attackers, such as their native language or even location, the remaining 10% can lead to embarrassing attribution errors or worse. High-profile actors make every effort to stay undetected inside the victim’s infrastructure and to leave as few traces as they can. They implement a variety of techniques to make inve

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys #### Table of Contents - Situation - Directive Scope - CISA Catalog of Known Exploited Vulnerabilities - Detect CISA Vulnerabilities Using Qualys VMDR - CISA Exploited RTI - Detailed Operational Dashboard - Remediation - Federal Enterprises and Agencies Can Act Now - Summary - Getting Started CISA released a directive in November 2021, recommending urgent and prioritized remediation of actively exploited vulnerabilities. Both government agencies and corporations should heed this advice. This blog outlines how Qualys Vulnerability Management, Detection & Response can be used by any organization to respond to this directive efficiently and effectively. ## Situation Last November 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directiv

The Definition and Examples of Exploit Kits | Fortinet Blog INDUSTRY TRENDS & INSIGHTS The Definition and Examples of Exploit Kits By Aamir Lakhani | January 27, 2022 In cybersecurity terminology, an exploit is a bit of code or a program that takes advantage of vulnerabilities or flaws in software or hardware. An exploit is not malware, but rather a way to deliver malware like ransomware or viruses. The goal of exploits is to install malware or to infiltrate and initiate denial-of-service (DoS) attacks for example. The recent exponential growth of computer peripherals, software advances, and edge and cloud computing has led to a corresponding increase in vulnerabilities. Of course, cybercriminals love having more systems to attack with exploit kits. What Is An Exploit Kit? Exploit kits (EKs) are automated programs used by cybercriminals to ex

[HIGH] Microsoft’s December 2021 Patch Tuesday Addresses 67 CVEs (CVE-2021-43890) ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

APT annual review 2021 Table of Contents Private sector vendors play a significant role in the threat landscape Supply-chain attacks Exploiting vulnerabilities Firmware vulnerabilities Authors GReAT In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews here , here and here . For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 months. This is based on our visibility in the threat landscape and it’s important to note that no single vendor has complete visibility into the activities of all threat actors. ## Private sector vendors play a significant role in the threat landscape Possibly the bigges

APT annual review 2021 Table of Contents - Private sector vendors play a significant role in the threat landscape - Supply-chain attacks - Exploiting vulnerabilities - Firmware vulnerabilities Authors - GReAT In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews here, here and here. For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 months. This is based on our visibility in the threat landscape and it’s important to note that no single vendor has complete visibility into the activities of all threat actors. ## Private sector vendors play a significant role in the threat landscape Possibly the

Qualys Response to CISA Alert: Binding Operational Directive 22-01 ## Table of Contents Overview Directive Scope CISA Catalog of Known Exploited Vulnerabilities Detect CISAs Vulnerabilities Using Qualys VMDR Remediation Federal Enterprises and Agencies Can Act Now Summary Getting Started Start your VMDR 30-day, no-cost trial today ## Overview On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directive 22-01 , “Reducing the Significant Risk of Known Exploited Vulnerabilities.” This directive recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal government and establishes requirements for agencies to remediate

Qualys Response to CISA Alert: Binding Operational Directive 22-01 | Qualys #### Table of Contents - Overview - Directive Scope - CISA Catalog of Known Exploited Vulnerabilities - Detect CISAs Vulnerabilities Using Qualys VMDR - Remediation - Federal Enterprises and Agencies Can Act Now - Summary - Getting Started Start your VMDR 30-day, no-cost trial today ## Overview On November 3, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Binding Operational Directive 22-01, “Reducing the Significant Risk of Known Exploited Vulnerabilities.” This directive recommends urgent and prioritized remediation of the vulnerabilities that adversaries are actively exploiting. It establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal government and establishes requirements for agencies to

IT threat evolution in Q2 2021. PC statistics Table of Contents Quarterly figures Financial threats Financial threat statistics Ransomware programs Quarterly trends and highlights Attack on Colonial Pipeline and closure of DarkSide Closure of Avaddon Clash with Clop Attacks on NAS devices Number of new ransomware modifications Number of users attacked by ransomware Trojans Geography of ransomware attacks Top 10 most common families of ransomware Trojans Miners Number of new miner modifications Number of users attacked by miners Geography of miner attacks Vulnerable applications used by cybercriminals during cyberattacks Attacks on macOS Geography of threats for macOS IoT attacks IoT threat statistics Attacks via web resources Countries that serve as sources of web-based attacks: Top 10 Countries where users fa

[HIGH] IT threat evolution Q2 2021 Table of Contents - Targeted attacks - Other malware Authors - David Emm ## Targeted attacks ### The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload, generally dropped from a self-extracting archive. This was first thought to be a signature of LuckyMouse, but we have observed other groups using similar “triads”, including HoneyMyte. While it is not possible to attribute attacks based on this technique alone, efficient detection of such triads reveals more and more malicious activity. We recently described one such file, called “FoundCore”, which caught our atte

IT threat evolution in Q2 2021. PC statistics Table of Contents - Quarterly figures - Financial threats - Ransomware programs - Miners - Vulnerable applications used by cybercriminals during cyberattacks - Attacks on macOS - IoT attacks - Attacks via web resources - Local threats Authors - AMR These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. ## Quarterly figures According to Kaspersky Security Network, in Q2 2021: - Kaspersky solutions blocked 1,686,025,551 attacks from online resources across the globe. - Web antivirus recognized 675,832,360 unique URLs as malicious. - Attempts to run malware for stealing money from online bank accounts were stopped on the computers of 119,252 unique users. - Ransomware attacks were defeated on the computers

APT trends report Q2 2021 Table of Contents The most remarkable findings Russian-speaking activity Chinese-speaking activity Middle East Southeast Asia and Korean Peninsula Other interesting discoveries Final thoughts Authors GReAT For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. This is our latest installment, focusing on activities that we observed during Q2 2021. Readers who would like to learn

APT trends report Q2 2021 Table of Contents - The most remarkable findings - Russian-speaking activity - Chinese-speaking activity - Middle East - Southeast Asia and Korean Peninsula - Other interesting discoveries - Final thoughts Authors - GReAT For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. This is our latest installment, focusing on activities that we observed during Q2 2021. Readers who would lik

CVE-2021-21220 14th June – Threat Intelligence Report Latest Publications CPR Podcast Channel AI Research Web 3.0 Security Intelligence Reports ThreatCloud AI Threat Intelligence & Research Zero Day Protection Sandblast File Analysis About Us SUBSCRIBE 2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 ## 14th June – Threat Intelligence Report For the latest discoveries in cyber research for the week of 14th June, please download our Threat Intelligence Bulletin . Top Attacks and Breaches Audi and Volkswagen have experienced data breaches that affected 3.3 million customers. Between August 2019 and May 2021, unsecured data was left exposed on the internet by a mutual vendor. During that time, an unauthorized threat actor accesses the data. Researchers have observed a new wave of DDoS extortion by Fancy Lazarus,

[MEDIUM] Microsoft Patches Six Zero-Day Security Holes Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks. June’s Patch Tuesday addresses just 49 security holes — about half the normal number of vulnerabilities lately. But what this month lacks in volume it makes up for in urgency: Microsoft warns that bad guys are leveraging a half-dozen of those weaknesses to break into computers in targeted attacks. Among the zero-days are: –CVE-2021-33742, a remote code execution bug in a Windows HTML component. –CVE-2021-31955, an information disclosure bug in the Windows Kernel –CVE-2021-31956, an elevation of privilege flaw in Windows NTFS –CVE-2021-33739, an elevation of privilege flaw

CVE-2021-31985 [MEDIUM] Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities | Qualys ### Microsoft Patch Tuesday – June 2021 Microsoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits. #### Critical Microsoft Vulnerabilities Patched CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability Microsoft released patches addressing a critical RCE vulnerability in its Defender product (CVE-2021-31985). This CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. CVE-2021-31959 – Scripting Engine Memory Corruption Vulnerability Microsoft released patches addressing a critical memory corruption vulnerability in the Chakra JScript scripting engine. This vulnerability impacts Windows RT, Windows 7, Windows 8, Windows 10, Windows Ser

[MEDIUM] PuzzleMaker attacks with Chrome zero-day exploit chain Table of Contents - Remote code execution exploit - Elevation of privilege exploit - Malware modules - IoCs Authors - Costin Raiu - Boris Larin - Alexey Kulaev On April 14-15, 2021, Kaspersky technologies detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. While we were not able to retrieve the exploit used for remote code execution (RCE) in the Chrome web browser, we were able to find and analyze an elevation of privilege (EoP) exploit that was used to escape the sandbox and obtain system privileges. The elevation of privilege exploit was fine-tuned to work against the latest and most prominent builds of Windows 10 (17763 – RS5, 18362 – 19H1,

[MEDIUM] PuzzleMaker attacks with Chrome zero-day exploit chain Table of Contents Remote code execution exploit Elevation of privilege exploit Malware modules IoCs Authors Costin Raiu Boris Larin Alexey Kulaev On April 14-15, 2021, Kaspersky technologies detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. While we were not able to retrieve the exploit used for remote code execution (RCE) in the Chrome web browser, we were able to find and analyze an elevation of privilege (EoP) exploit that was used to escape the sandbox and obtain system privileges. The elevation of privilege exploit was fine-tuned to work against the latest and most prominent builds of Windows 10 (17763 – RS5, 18362 – 19H1, 18363 – 1

[MEDIUM] Microsoft’s June 2021 Patch Tuesday Addresses 49 CVEs (CVE-2021-31955, CVE-2021-31956 and CVE-2021-33742) ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

CVE-2021-31985 [MEDIUM] Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities ## Microsoft Patch Tuesday – June 2021 Microsoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits. ## Critical Microsoft Vulnerabilities Patched CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability Microsoft released patches addressing a critical RCE vulnerability in its Defender product (CVE-2021-31985). This CVE has a high likelihood of exploitability and is assigned a CVSSv3 base score of 7.8 by the vendor. CVE-2021-31959 – Scripting Engine Memory Corruption Vulnerability Microsoft released patches addressing a critical memory corruption vulnerability in the Chakra JScript scripting engine. This vulnerability impacts Windows RT, Windows 7, Windows 8, Windows 10, Windows Server

[MEDIUM] Microsoft Patches Six Zero-Day Security Holes Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks. June’s Patch Tuesday addresses just 49 security holes — about half the normal number of vulnerabilities lately. But what this month lacks in volume it makes up for in urgency: Microsoft warns that bad guys are leveraging a half-dozen of those weaknesses to break into computers in targeted attacks. Among the zero-days are: – CVE-2021-33742 , a remote code execution bug in a Windows HTML component. – CVE-2021-31955 , an information disclosure bug in the Windows Kernel – CVE-2021-31956 , an elevation of privilege flaw in Windows NTFS – CVE-2021-33739 , an elevation of privilege

CVE-2026-20929 [HIGH] Patch Tuesday 2021: A Vulnerability Deep Dive How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed Apr 06, 2026 STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed Apr 06, 2026 STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019 Helping Non-Security Stakeholders Understand AT

CVE-2026-20929 [HIGH] June 2021 Patch Tuesday: Updates and Analysis How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed Apr 06, 2026 STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How CrowdStrike is Accelerating Exposure Evaluation as Adversaries Gain Speed Apr 06, 2026 STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019 Helping Non-Security Stakeholders Understand AT

CVE-2026-20929 [HIGH] Patch Tuesday 2021: A Vulnerability Deep Dive STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026 STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026 Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019 Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VI

CVE-2026-20929 [HIGH] June 2021 Patch Tuesday: Updates and Analysis STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026 STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026 Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019 Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VI