Skip to content
      Featured Adversary Security

      Offensive CI/CD – A Cat on a Vessel

      TL;DR- How we leveraged CI/CD pipelines to solve the challenge of automating the streamline of evasion techniques into existing tools and deploy them in the field to enact...

      Read More

      All Resources

      Featured Adversary Security

      Offensive CI/CD – A Cat on a Vessel

      How we leveraged CI/CD pipelines to automate the implementation of evasion techniques in offensive tools to enact adversary simulation tasks without being detected. Read More
      Featured Threat Report Threat Research

      Luna Moth: The Actors Behind the Recent False Subscription Scams

      Sygnia’s Incident Response team has identified the 'Luna Moth' ransom group. Their modus-operandi resembles scammers, with the twist of corporate data theft, leveraging the threat of publication to demand millions of dollars in ransom.  Read More
      Press Release
      Incident Response

      Sygnia Shortlisted in Two Categories as Part of the 2022 SC Awards Europe

      Sygnia joins industry leaders in “Best Incident Response Solution” and “Best Security Company” categories. Read More
      Blog Post
      Featured Incident Response Threat Hunting

      The Misconceptions of 2021's Black Swan Cyber Events

      Organizations can defend themselves from future unknows attacks by implementing targeted security hardening measures, turning on built-in security protections, and leveraging existing technology stack to achieve microsegmentation and credential hygiene Read More
      Blog Post
      Featured Incident Response Threat Hunting

      Hybrid Phishing Attack Vector – Complementing Phishing Campaigns with Wide Infrastructure Exploitations

      Cyber-crime groups are targeting Java-based infrastructures that are susceptible to the Log4Shell vulnerability, and are leveraging the high integrity of the compromised infrastructure to deliver Qakbot phishing emails. Read More
      Analyst Report

      GARTNER MARKET GUIDE

      The number and severity of cybersecurity incidents continue to grow, prompting the increased adoption of Digital Forensics and Incident Response Services (DFIR) services. But what do you need to consider when selecting the best provider for your organization? Read More
      Analyst Report

      FORRESTER NOW TECH: CYBERSECURITY INCIDENT RESPONSE SERVICES, Q4 2021 REPORT

      Engaging with an incident response service provider will help you respond immediately in a crisis and assist in the creation of an effective incident response program. But to realize these benefits, you’ll first have to select from a diverse set of vendors. Use this report to understand the value you can expect from an incident response provider and to select one based on size and functionality. Read More
      Advisory
      Featured Incident Response Threat Hunting

      Sygnia Advisory: Key takeaways from leak of Conti crime group internal communications

      Following our analysis of the leaked Conti information we would like to share some insights regarding the group’s modus operandi. Read More
      Blog Post
      Featured Incident Response Threat Hunting

      Breaking Down the Casbaneiro Infection Chain

      The Casbaneiro banking trojan targets financial organizations to steal user data for financial gain. Get a detailed “attacker fingerprint”. Read More
      Advisory
      Featured Incident Response Threat Hunting

      Sygnia Advisory: Potential Okta Breach

      In light of evidence of a successful Okta breach, we recommend taking several steps to mitigate potential risk for organizations leveraging Okta solutions. Read More
      Advisory
      Featured Incident Response Threat Hunting

      Advisory: Russia–Ukraine Conflict Escalation

      As we monitor the conflict between Russia and Ukraine we published this advisory to support global organizations. The goal is to provide background to brief executive leadership as well as action items to enhance resilience. Read More
      Press Release
      Incident Response

      Amir Becker Joins Sygnia to Lead Global Incident Response Division

      Sygnia announced today that Amir Becker is joining the team as its new Vice President of Incident Response. Read More
      Sygnia Blog
      Incident Response Threat Research Blog Post

      7 Cyber Attacks That Kept the Industry Talking in 2021

      A journey back through 2021 - What we’ve learned from 5 major cyber attacks that took place in 2021 as well as 2 new threat actors identified by Sygnia. Read More
      Press Release
      Incident Response

      Sygnia to Host Webinar on Actionable Incident Response Strategies for 2022

      Sygnia's cybersecurity experts to deliver actionable Incident Response (IR) strategies organizations worldwide can leverage. Read More
      Videos
      Featured Threat Report Threat Research

      Elephant Beetle: Uncovering an Organized Financial-Theft Operation

      Sygnia’s IR team has identified the Elephant Beetle threat group, an organized, significant financial-theft operation threatening global enterprises.  Read More
      Sygnia Blog
      Adversary Security Blog Post

      It's a Threat Actor's Paradise: Getting Ahead of Attackers in 2022

      Achieving cyber resilience in the hostile attack terrain comes down to an organization’s ability to flip the asymmetry between them and the threat actors. Read More
      Blog Post
      Featured Incident Response Threat Hunting

      End-to-End LOG4SHELL Hunting Strategy

      Defenders, hunt for Log4Shell exploitation attempts, distinguish between failed and successful attempts and identify post-exploitation activities. Read More
      Advisory
      Incident Response Threat Hunting

      Sygnia Advisory: Log4Shell Remote Code Execution

      Critical remote code execution vulnerability in a software logging package called “Log4Shell” (CVE-2021-44228) is impacting millions of devices globally Read More
      Press Release
      Incident Response

      SYGNIA RECOGNIZED IN 2021 GARTNER® MARKET GUIDE FOR DIGITAL FORENSICS AND INCIDENT RESPONSE SERVICES

      Sygnia has been recognized as a Representative Vendor in 2021 Gartner Market Guide for Digital Forensics and Incident Response Services. Read More
      Press Release

      SYGNIA EXPANDS INTO EUROPE TO MEET INCREASING CLIENT DEMAND

      Following impressive growth, Sygnia opens its first European office in London. Read More
      Blog Post
      Incident Response Threat Hunting

      Recent Waves of Phishing Attacks Overpowering 2-factor Authentication

      Phishing attacks are still a leading attack vector for threat actors globally, & are evolving in prevalence & sophistication given work-from-home models Read More
      Threat Report
      Threat Research

      Praying Mantis An Advanced Memory Resident Attack

      Sygnia researchers identified an advanced threat actor targeting high profile US organizations, using nation-state attack methods, and operating in-memory. Read More
      Community Tool
      Adversary Security

      Cloud Scout: a New Open Source Tool for Cloud Security

      Sygnia released Cloud Scout, an open-source tool for cloud security to help map cloud and hybrid cloud environments, identify and visualize cross platform attack paths & vulnerabilities, and enhance overall resilience. Read More
      Threat Report
      Incident Response Threat Research Threat Hunting Ransomware

      Lazarus Group’s Mata Framework Leveraged To Deploy TFlower Ransomware

      Sygnia: Double extortion ransomware attack - threat actor leveraged an undocumented variant of MATA to distribute and execute the TFlower ransomware. Read More
      Advisory
      Incident Response Threat Hunting Ransomware

      Kaseya Ransomware Supply Chain Attack

      Get a deep dive into the Kaseya ransomware attack, and how you can deploy effective defense strategies. Read More
      Advisory
      Incident Response Threat Hunting Ransomware

      Detection And Hunting Of Golden SAML Attack

      Get actionable insights on how to detect a Golden SAML attack vector and an overview of the compromise at SolarWinds. Read More
      Advisory
      Incident Response Threat Hunting

      Demystifying The PrintNightmare Vulnerability

      Learn about the PrintNightmare vulnerability, why it's such a cause for concern and how to mitigate the risk. Read More