SAM Name Impersonation

Bah Humbug – Nasty Active Directory Exploits Call for Immediate Patching New attacks reinforce importance of rigorous updates in wake of Log4Shell As the Log4j threat continues to unfold, there is yet another “humbug” that should be top-of-mind for businesses as we enter the throes of the holiday season. The Armor team is closely monitoring […]

View More

November 17, 2021

Astaroth: Banking Trojan

We’re continuing our blog series about Living-off-the-Land (LotL) attacks by focusing on a particularly fast-moving malware called Astaroth. Click here to view the first post, which goes into the characteristics of LotL binaries and how they work. First spotted in the wild in 2017, Astaroth is a highly prevalent, information-stealing Latin American banking trojan. It […]

View More

Check out the Cybersecurity and Compliance Assessment

Armor’s cybersecurity and compliance assessment delivers a baseline assessment for your organization’s overall cybersecurity and compliance posture.

View Assessment

November 11, 2021

Living-Off-the-Land Attacks

Cyber trends tend to come and go, but one popular technique we’re seeing currently is the use of living-off-the-land binaries. The concept of “living off the land” (LotL) was first introduced by Christopher Campbell and Matt Graeber at Derbycon 3.0 (2013) and refers to attacker behavior when they use any binary supplied by the operating […]

View More

Armor Identifies 15 New Ransomware Victims in the Last 2 Weeks, All of them Educational Institutions – Threat Intelligence

Update 9.26.19 Since the original publication of this report on Friday, September 20 the following 5 schools have also come forward as victims of ransomware attacks, for a total of 15 schools in the past two weeks. A total of 54 education victims, potentially impacting over 500 individual K-12 schools have been reported in the […]

View More

Forrester's Total Economic Impact Report of Armor Anywhere

Discover the true ROI of Armor’s cloud security solution Armor Anywhere.

Check it out

City of Borger, TX and Keene, TX Among 22 Local Texas Government Organizations Hit by Ransomware – Threat Intelligence

Updated as of 10:30 am CST, August 22, 2019 Armor Identifies Seven New Victims in Statewide Ransomware Attack After identifying the cities of Keen and Borger, Texas as victims of the mass ransomware attack which hit Texas on August 16th, cloud security solutions provider Armor has identified seven new victim organizations. They include: Wilmer, TX Lubbock […]

View More

Ransomware Attack Against Baltimore: Tweet from Hacker or Malicious Prankster? – Threat Intelligence

Last Updated: 5/29/2019 Eric Sifford, security researcher with Armor’s Threat Resistance Unit (TRU), found new tweets on Saturday, May 25, 2019 and on Tuesday, May 28, 2019 from a Twitter account , which appears to be connected to the City of Baltimore ransomware attackers. Both tweets were directed squarely at Baltimore’s mayor, Bernard C. “Jack” […]

View More