21 Sep 2022
Sticky Post By Posted in Cyber Security, Managed Security Services, Managed SOC Services Permalink

Usage of NPPSpy

Sticky Post By On September 21, 2022
Extracting Windows credentials from Domain based hosts is one of the common attack techniques hackers use to obtain user credentials from Windows hosts. Once obtained, these user credentials are used to laterally move between the hosts and deploy threats or exfiltrate data from the network.

Read More

20 Sep 2022
Sticky Post By Posted in Cyber Security, Machine Learning, Malware Protection, Managed SOC Services Permalink

Malware Evasion Techniques and Recommendations for Threat Protection

Sticky Post By On September 20, 2022
Malware evasion methods are frequently employed to evade detection, analysis, and comprehension. Due to the fact that sandboxes are now the quickest and simplest approach to getting an overview of the threat, anti-sandbox detection is one of the most common kinds of evasion.

Read More

19 Sep 2022
Sticky Post By Posted in Cyber Security, Cyber Threat Intelligence, Machine Learning, Managed Security Services, Managed SOC Services, Security Operations Center, Threat Hunting, Threat Intelligence Permalink

Data Exfiltration and Detection through Anomaly Detection

Sticky Post By On September 19, 2022
Data exfiltration is the unauthorised transfer of critical and sensitive data and/or information from a targeted network to the cyber pests’ hideouts. Detecting data exfiltration is a difficult task because data flows in and out of networks on a regular basis, and this nefarious technique closely resembles normal network traffic.

Read More

16 Sep 2022
Sticky Post By Posted in Cyber Security, Machine Learning, Managed Security Services, Managed SOC Services Permalink

DGA Detection Using Machine Learning

Sticky Post By On September 16, 2022
Domain Generation algorithm (DGA) is an automation technique used by cyber attackers for a variety of attacks like Data exfiltration, command and control and DNS tunnelling and to make it harder for the company’s defenses to detect them.

Read More

11 Sep 2022
Sticky Post By Posted in Cyber Security, Machine Learning, Managed SOC Services, UEBA Permalink

Augmenting Traditional UEBA with ML and Deep Learning

Sticky Post By On September 11, 2022
User and entity behavior analytics (UEBA) is a threat detection technology that is based on analytics. UEBA employs machine learning and data science to gain an understanding of how users (humans) in an environment typically behave and then detect risky and anomalous activity that deviates from their normal behavior and may indicate a threat.

Read More

08 Sep 2022
Sticky Post By Posted in Cyber Security, Security Operations Center Permalink

Tools Used for Dumping of RDPCreds via comsvcs.dll

Sticky Post By On September 8, 2022
Remote Desktop Protocol (RDP) is commonly used by administrators to manage Windows environments remotely. It is also typical for RDP to be enabled in systems that act as a jumpstation to enable users to reach other networks.

Read More

27 Jul 2022
Sticky Post By Posted in Alert Advisory, Cyber Security, Managed SOC Services, Ransomware Protection, Security Operations Center, XDR Permalink

Alert Advisory: Analysis of BlackCat Ransomware

Sticky Post By On July 27, 2022
BlackCat, also known as ALPHV-ng, ALPHV, and Noberus, is a Ransomware-as-a-Service (RaaS) threat that targets organizations across multiple sectors worldwide using the multi-level extortion tactic.

Read More

18 Jul 2022
Sticky Post By Posted in Cyber Security Permalink

SSO SAML Tokens Attack

Sticky Post By On July 18, 2022
SAML (In)Security

Security Assertion Markup Language (SAML) is a method for exchanging authentication and authorization between trusted parties. It’s essentially an XML schema that allows for federated Single Sign-On (SSO) to work.

Read More

27 Jun 2022
Sticky Post By Posted in Advanced Persistent Threat, Malware Protection Permalink

ToddyCat APT

Sticky Post By On June 27, 2022
ToddyCat — a relatively new Chinese-Speaking Advanced Persistent Threat, has been targeting and exploiting vulnerable Exchange Servers throughout Europe and Asia since December 2020 for targeting high-profile entities which is recently reported by Kaspersky.

Read More

03 Jun 2022
Sticky Post By Posted in Cyber Security, Incident Response, Vulnerability Assessment Permalink

CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability and Digital Forensics

Sticky Post By On June 3, 2022
Microsoft issued CVE-2022-30190 regarding a vulnerability regarding the Microsoft Support Diagnostic Tool (MSDT). This exists when MSDT is called using the URL protocol from a calling application (Word products such as Word/Excel/Outlook).

Read More

12 Apr 2022
Sticky Post By Posted in Malware Protection, Managed Security Services, Managed SOC Services Permalink

Wiper Malware – What is it and How to Detect?

Sticky Post By On April 12, 2022
In the world of different malware types and strains, the most disruptive malware type besides ransomware might be Wiper malware. The original wiper malware was first seen back in 2012 but did not enter the spotlight until 2014 when Sony company was hit with this destructive strain.

Read More

29 Mar 2022
Sticky Post By Posted in Ransomware Protection Permalink

Ransomware Detection Using Machine Learning

Sticky Post By On March 29, 2022
Gone are the days of manual security analysis that cyber security teams used to perform to track down and stop ransomware attacks.

Due to the vast amount of data that is being generated every minute of every day, it has become impossible to rely on a few cyber security professionals to stop ransomware attacks without significant assistance from automated security tools.

Read More

15 Mar 2022
Sticky Post By Posted in Compromise Assessment, Ransomware Protection Permalink

How to Detect Ransomware Early

Sticky Post By On March 15, 2022
The proliferation of ransomware attacks in the past decade has brought many challenges to companies and cyber security teams worldwide. What started as simple ransomware attacks that a knowledgeable person could reverse has now exploded into a large industry with attackers reaping large profits with advanced forms of ransomware that is impossible to reverse.

Read More

28 Feb 2022
Sticky Post By Posted in Cyber Security, DARKINT, EDR, OSINT, SIEM, Threat Intelligence, Vulnerability Assessment, XDR Permalink

CSOC Analysts Cybersecurity Toolkit Arsenal

Sticky Post By On February 28, 2022
It is safe to say that organizations worldwide have different infrastructure setups, technology, software, and different network architecture types. No matter how diverse these organizations are, they have one thing in common, a CSOC analyst who is watching over their infrastructure.

Cyber Security Operation Centers or CSOC is comprised of a team of cyber security analysts whose responsibilities are fully dedicated to hunting for vulnerabilities, indicators of compromise and investigating incidents and alarms generated by SIEM, XDR and other monitoring security platforms and tools.

Read More

20 Jan 2022
Sticky Post By Posted in Managed SOC Services, Security Operations Center, XDR Permalink

XDR Software – The Journey Beyond

Sticky Post By On January 20, 2022
We are still in the early days of the XDR (eXtended Detection and Response) era, understanding XDR technology in the threat detection field and the benefits it brings plays a key role into understanding how this can fit into your overall cybersecurity ecosystem.

Read More


CONTACT US

We welcome you to contact us for more information
about HAWKEYE - SOC As A Service.

VISIT HAWKEYE CYBER SECURITY CENTER

Address: Office 4, Oasis Center, Sheikh Zayed Road, Dubai, United Arab Emirates

Phone: +971 4 338 3365

Email: hawkeye@dts-solution.com

 

LET'S GET SOCIAL

CONTACT US