Eyal Karni

Recent Posts

From Public Key to Exploitation: How We Exploited the Authentication in MS-RDP

Posted by Eyal Karni on Mar 13, 2018 10:05:15 AM

In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a critical vulnerability that was discovered by Preempt. This vulnerability can be classified as a logical remote code execution (RCE) vulnerability. It resembles a classic relay attack, but with a nice twist: it is related to RSA cryptography (and prime numbers), which makes it quite unique and interesting.

Topics: Multi-factor Authentication, kerberos, Hacking, Black Hat, Security Advisory, Microsoft, RDP

Five Common Misconceptions in Enterprise Security Organizations - Part Two

Posted by Eyal Karni on Aug 3, 2016 8:00:00 AM

In my previous blog post (part 1), I talked about common misconceptions in Enterprise security organizations as they relate to IT security skills challenges along with the disadvantages of counting on log-based solutions for stopping advanced attacks. This week I’d like to focus on three other common misconceptions in IT security organizations. I’ll be talking about why bigger isn’t necessarily better, why User and Entity Behavior Analytics on its own is not enough and why “zero configuration” solutions will let you down.

Topics: User Behavior, APT, User and Entity Behavior Analytics

Five Common Misconceptions In Enterprise Security Organizations - Part One

Posted by Eyal Karni on Jul 28, 2016 9:40:49 AM

In enterprise security organizations, decisions are often made without looking at the big picture. Putting together a security strategy is hard. And sometimes it’s impossible to fully understand the different features and advantages different security solutions provide versus what the organization really needs. Current trends, rumours, lack of security skills or the need to feel secure might have an impact on these decisions. Without a comprehensive knowledge of security, like good attackers or good security researchers often have, an organization can leave itself exposed.

Topics: Security Skills, APT, Domain Controller