by Süleyman Özarslan, PhD

On the 11th of August 2020, Microsoft released a security update[1], CVE-2020–1472 | Netlogon Elevation of Privilege Vulnerability, for a critical vulnerability within the Netlogon Remote Protocol (MS-NRPC)[2]in Windows Server operating systems, namely Windows Server 2008 R2, 2012, 2012 R2, 2016, and 2019. …

by Süleyman Özarslan, PhD

A scheduled task is a command, program or script to be executed at:

  • a particular time in the future (e.g. 11/08/2022 1:00 a.m.
  • at regular intervals (e.g. every Monday at 1:00 a.m.)
  • when a defined event occurs (e.g. a user logs on the system).

Legitimate users…

by Süleyman Özarslan, PhD

Picus is dedicated to collaborating with its technology alliance partners and the cybersecurity community to build better cyber defenses against the adversary attempts. Accordingly, we have a responsible disclosure policy to publish vulnerabilities and bypass/evasion methods of security controls. …

by Süleyman Özarslan, PhD

In 2019, Picus Labs analyzed 48813 malware to determine tactics, techniques, and procedures (TTPs) used by adversaries in these malicious files. Picus Labs categorized each observed TTP by utilizing the MITRE ATT&CK® framework. As a result of the present research, 445018 TTPs observed in the last…

Süleyman Özarslan, PhD

In 2019, Picus Labs analyzed 48813 malware to determine tactics, techniques, and procedures (TTPs) used by adversaries in these malicious files. Picus Labs categorized each observed TTP by utilizing the MITRE ATT&CK® framework. As a result of the present research, 445018 TTPs observed in the last year…

by Süleyman Özarslan, PhD

In 2019, Picus Labs analyzed 48813 malware to determine tactics, techniques, and procedures (TTPs) used by adversaries in these malicious files. Picus Labs categorized each observed TTP by utilizing the MITRE ATT&CK® framework. As a result of the present research, 445018 TTPs observed in the last…

by Süleyman Özarslan, PhD

In 2019, Picus Labs analyzed 48813 malware to determine tactics, techniques, and procedures (TTPs) used by adversaries in these malicious files. Picus Labs categorized each observed TTP by utilizing the MITRE ATT&CK® framework. As a result of the present research, 445018 TTPs observed in the last…

by Armagan Zaloglu

In our recent blog, What is security testing and why is it important?, we talked about how security testing is one of the single most important jobs an effective security department can do.

Without it, security leaders have no way to make informed and pragmatic decisions about…

by Süleyman Özarslan, PhD

In 2019, Picus Labs analyzed 48813 malware to determine tactics, techniques, and procedures (TTPs) used by adversaries in these malicious files. Picus Labs categorized each observed TTP by utilizing the MITRE ATT&CK® framework. As a result of the present research, 445018 TTPs observed in the last…

by Armagan Zaloglu

Security testing isn’t just a nice-to-have — it should be the north star of effective security leadership. …

Picus Security Inc.

Breach & Attack Simulation technologies | Continuous Validation | Cool Vendor of Gartner

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store