Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
Microsoft has released a patch to address a vulnerability in the Windows VBScript Engine. Double Kill, also known as CVE-2018-8174 1, has been actively exploited in the wild by a limited number of threat actors. If successfully exploited, Double Kill will give the threat actor the same permissions as the compromised user. Proof of concept (PoC) code has been released for this vulnerability, increasing the likelihood of additional threat actors exploiting the vulnerability2.
DoubleKill affects a wide variety of Windows products that use the VBScript Engine; for a full list, see the Affect Products section of the official Windows release.
This vulnerability is caused by a failure in the way the VBScripts engine handles objects in memory. From initial assessment,s it appears that delivery of this exploit may occur through both phishing attempts and web-based attacks.
References:
[1] CVE-2018-8174 | Windows VBScript Engine Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174
[2] The King is dead. Long live the King!
Root cause analysis of the latest Internet Explorer zero-day – CVE-2018-8174
https://securelist.com/root-cause-analysis-of-cve-2018-8174/85486/