Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Protect assets from ransomware, trojans, rootkits and more.
Intelligence and visibility across AWS, O365, DevOps and more.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Microsoft has released a patch to address a vulnerability in the Windows VBScript Engine. Double Kill, also known as CVE-2018-8174 1, has been actively exploited in the wild by a limited number of threat actors. If successfully exploited, Double Kill will give the threat actor the same permissions as the compromised user. Proof of concept (PoC) code has been released for this vulnerability, increasing the likelihood of additional threat actors exploiting the vulnerability2.
DoubleKill affects a wide variety of Windows products that use the VBScript Engine; for a full list, see the Affect Products section of the official Windows release.
This vulnerability is caused by a failure in the way the VBScripts engine handles objects in memory. From initial assessment,s it appears that delivery of this exploit may occur through both phishing attempts and web-based attacks.
 CVE-2018-8174 | Windows VBScript Engine Remote Code Execution Vulnerability
 The King is dead. Long live the King!
Root cause analysis of the latest Internet Explorer zero-day – CVE-2018-8174