Resources

Topics

How To Overcome Active Directory Exploits And Prevent Attacks
Webinars

According to Gartner, “It is critical to make concentrated efforts to comprehensively secure and monitor Active Directory, proactively look for threats and misconfigurations, and…

Prevent cyber attacks in Azure before they happen
Webinars

Misconfigurations within Azure environments are more common than you think. It’s important to learn and understand how attackers can exploit these misconfigurations and, more…

Decrypting VMware Workstation Passwords for Fun
David Azria & Zur Ulianitzky | Blog

Overview At XM Cyber, we have been hard at work on the techniques that attackers use against your VMware environments. What you’re about to…

The XM Cyber 2022 Attack Path Management Impact Report
Michael Greenberg | Blog

The industry’s first annual attack path management research report is here! The XM Cyber research team analyzed nearly 2 million entities to bring insights…

XM Cyber Advisory – Spring4Shell, Zero Day
Zur Ulianitzky; Ilay Grossman | Blog

Overview On March 30, A new zero day critical vulnerability was leaked in another open source software library. The vulnerability affects Spring Framework which…

New Privilege Escalation Techniques are Compromising your Google Cloud Platform
Idan Strovinsky, Zur Ulianitzky | Blog

In this research you’ll discover some of the common attack techniques used in Google Cloud Platform (GCP) to better understand how an attacker exploits…

XMGoat – An Open Source Pentesting Tool for Azure
Blog

  Overview We created XMGoat as an open source tool with the purpose of teaching penetration testers, red teamers, security consultants, and cloud experts…

Introducing MacHound: A Solution to MacOS Active Directory-Based Attacks
Blog

As a security researcher at XM Cyber, designing core product support for MacOS was one of my goals last year. Designing this support meant…

Lessons Learned from the SolarWinds SUNBURST Attack
Blog

Should We Prioritize Detection or Prevention? The XM Factor Is Needed. In 1736, Benjamin Franklin famously advised fire-threatened Philadelphians that “An ounce of prevention…

Here’s How the Recent SolarWinds Supply Chain Attack Could Be Easily Stopped
Blog

A Cybersecurity Vaccine Exists – and It Is 99% Effective. Learn How to Inoculate Your Organization From Attacks in 2021 There’s no sugarcoating it:…

What Are Common Targets for Advanced Persistent Threats (APT)?
Blog

Few things give cybersecurity defenders more anxiety than the prospect of an attack by an Advanced Persistent Threat (APT). Unlike your run-of-the-mill attacker, APTs…

SSH & SSL — Step-siblings or Rivals?
Blog

People often wonder whether SSH uses SSL/TLS for traffic encryption. The short answer is NO, even though both protocols have much in common, under…

1 2

See all ways we can help you

See what attackers see, so you can stop them from doing what attackers do.