In a report published on the 20th of December CrowdStrike published a report of a new technique exploiting the Microsoft Exchange vulnerability called ProxyNotShell. The called the new technique OWASSRF as it uses Outlook Web Access, CVE-2022-41080 and CVE-2022-41082...
Follina CVE-2022-30190 Detection with THOR and Aurora
The Follina 0day vulnerability (CVE-2022-30190) in Microsoft Windows is actively exploited in-the-wild and highly critical. This blog posts lists some important web resources and the signatures that detect exploitation attempts.Kevin's post contains links to tweets of...
ASGARD v2.13 Release
Over the last 4 months, we've worked on many new UX improvements and the integration of our endpoint agent Aurora. Today, we are glad to announce the release of ASGARD version 2.13. UX Improvements We've reworked many sections and dialogues with user experience (UX)...
Aurora Lite Agent v1.0 Release
After almost half a year of development, we are pleased to announce the release of our free version of the Aurora Agent named Aurora Lite. The Aurora agent is a Sigma-based endpoint agent that offers maximum transparency, flexibility, and confidentiality. It doesn't...
Aurora – Sigma-Based EDR Agent – Preview
The following recorded video session includes information about our new Sigma-based EDR agent called "Aurora" and the free "Aurora Lite". It's a preview of the agent with information on its features, limits, advantages and a live demo. The release is scheduled for...