SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery
Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account […] ...
T-O-X-I-N-B-I-O – Ransomware Recruitment Efforts Following Law Enforcement Disruption
Contributors: Jason Baker, Senior Threat Intelligence Consultant; Drew Schmitt, Practice Lead, GRIT This blog expands on observations made as part […] ...
GRIT Ransomware Report: February 2024
Additional contributors to this report: Nic Finn, Jason Baker, Justin Timothy, Ryan Silver February 2024 was an utterly chaotic month […] ...
BianLian GOs for PowerShell After TeamCity Exploitation
Contributors: Justin Timothy, Threat Intelligence Consultant, Gabe Renfro, DFIR Advisory Consultant, Keven Murphy, DFIR Principal Consultant Introduction Ever since Avast […] ...
PCI 4.0 – Let the fun begin
You’ve put it off, ignored it, or just been busy. Whatever the case, PCI version 4.0 is a reality as […] ...
GRIT Ransomware Report: January 2024
Additional contributors to this report: Nic Finn, Grayson North, Jason Baker January saw a decrease in ransomware activity relative to […] ...
Annual GRIT Ransomware Report – 2023
With the conclusion of 2023, the GuidePoint Research and Intelligence Team (GRIT) has compiled our second annual report on ransomware […] ...
The CMMC Proposed Rule is Out – Now What?
What is CMMC? NIST Special Publication 800-171 (110 requirements) was first published in 2016 with an implementation requirement date of […] ...
GRIT Ransomware Report: November 2023
Additional contributors to this report: Nic Finn, Grayson North, Justin Timothy, Ryan Silver November 2023 closed with an increase in […] ...
GRIT Ransomware Report: October 2023
Additional contributors to this report: Nic Finn, Justin Timothy October proved to be much quieter than expected. Compared to the […] ...
