Packet Pushers

MARCH 9, 2020

Let's Encrypt revokes millions of digital certs, Microsoft proposes SMB over QUIC for file access without a VPN (and an easier way to get through firewalls), big vendors offer extended free trials of conferencing software for companies considering remote work, Microsoft pays hourly workers full salaries during work slowdowns, and more.

SMB 52

SMB Encryption VPN Firewall 52

CATO Networks

MARCH 20, 2017

The POC was able to generate the so called Blue Screen of Death on Windows clients that connects into a compromised SMB server. Vulnerabilities in SMB servers should be treated very seriously. If attackers compromise an SMB server in the organization, they can exploit SMB vulnerabilities as part of wider lateral movement.

SMB 52

SMB Server Access Point JavaScript 52

CATO Networks

MAY 24, 2020

The same group that was behind a series of attacks on companies using sophisticated malware that encrypts files, known as Sodinokibi or REvil. It is speculated that the attack on Travelex became possible because the company had failed to patch vulnerable VPN servers. We also address the shortcomings of VPNs.

VPN 52

VPN Server SASE Automotive 52

CATO Networks

DECEMBER 16, 2024

Executive Summary Modern ransomware attacks have evolved beyond simple encryption to deploy sophisticated double extortion tactics. Threat actors now systematically exfiltrate sensitive data before encrypting systems, ensuring leverage even when victims have robust data backups. GreenCollector tool (identified as fs256.exe)

SMB 40

SMB IP Address SASE Protocol 40