A Security Information and Event Management (SIEM) solution acts as the central nervous system of an organization’s security framework. It collects, analyzes, and correlates data from various sources within the IT infrastructure, including network devices, servers, and security systems. By integrati…
Category: Interesting Stuff
Experience Level required: Intermediate. In this report, we will analyze CyberGate, a Delphi malware, to determine its function and capabilities. According to Subex Secure, CyberGate is a Remote Access Trojan (RAT) that allows an attacker to gain unauthorized access to the victim’s system. Attackers…
Same threats, different days? Not necessarily. Threat actors are forever innovating, looking for better and more effective ways to achieve their goals. While tactics like phishing are often in the news, even these attacks can […]
In today’s cybersecurity landscape, it’s not a matter of if an organization will experience a security incident, but when. Having a skilled Security Operations Center (SOC) team that can effectively perform Incident Response (IR) is crucial for minimizing the impact of security breaches. Here’s a comprehensive guide on how to teach…
Google Drive is one of the most used storage systems on the planet, with over a billion users. For context, that’s about 1/8 of the human population! It’s a staggering figure, and you will likely end up encountering this behemoth that is Google Drive. This guide will go…
Threat intelligence solutions can be used in a wide variety of ways, so it is important to identify your potential use cases before you choose one.
The registry is a hierarchical database. The Windows Registry holds configuration information about all the applications on the system, user-specific settings, configuration of various hardware devices used by the system, settings for all the software on the system, etc. DIVE INTO THE REGISTRY, ONE…
Phishing is a formidable–and financially devastating–threat costing organizations $4.76 million USD per breach on average. With a simple, deceptive email, adversaries can masquerade as trusted entities, tricking even savvy individuals into handing over their credentials and other sensitive information. Whether it’s a duplicitous link or a crafty call to action, phishing…
Phishing is the weapon of choice for many adversaries. And it’s easy to understand why: Users fall victim to attacks in under 60 seconds on average, novice cybercriminals can launch effective phishing campaigns thanks to off-the-shelf phishing kits and generative AI, and above all, it works — 71% of organizations reported…
Tenable Identity Exposure allows you to secure your infrastructure by anticipating threats, detecting breaches, and responding to incidents and attacks. Using an intuitive dashboard to monitor your Active Directory in real-time, you can identify at a glance the most critical vulnerabilities and thei…
SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting – Help Net Security
Summary: This content discusses SELKS, a free and open-source solution for network intrusion detection and protection, network security monitoring, and threat hunting. Threat Actor: N/A. Victim: N/A. Key Point: SELKS is a turnkey solution developed by Stamus Networks for small and medium-sized organi…
The PDF file “Enhancing Election Security Through Public Communications” is a comprehensive guide created by the Cybersecurity and Infrastructure Security Agency (CISA) and the Election Assistance Commission (EAC). It aims to help election officials develop effective public communication strategies…
On Substack, publications run by cybersecurity professionals and journalists with expertise in cybersecurity can help practitioners keep pace with developments in security operations and many other areas of cybersecurity. Here’s our curated list of 10 Substacks for anyone looking to stay up to date…
Structure of a Web Application: Web applications consist of two main parts. Frontend: The user interface, typically built with frameworks like React, Angular, or Vue.js, communicates with the backend via APIs. Backend: Processes user requests, interacts with databases, and serves data to the frontend…
Introduction: Whitebox penetration testing, especially for complex web applications, can be daunting due to the vast amount of code and interconnections between various components. Breaking down the application into manageable pieces is an effective strategy for systematic analysis. Methodology Overv…