Malware Evasion Techniques and Recommendations for Threat Protection
Data Exfiltration and Detection through Anomaly Detection
DGA Detection Using Machine Learning
Augmenting Traditional UEBA with ML and Deep Learning
Tools Used for Dumping of RDPCreds via comsvcs.dll
Sniffing Attacks – Packet Capture Techniques Used by Attackers
LSASS Dumping Techniques
Common Reconnaissance Tools Used by Threat Actors
DNS Tunneling and Countermeasures in an Enterprise
Alert Advisory: Analysis of BlackCat Ransomware
SSO SAML Tokens Attack
Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between trusted parties, typically an identity provider and a service provider. It is the mechanism that makes federated Single Sign-On (SSO) work.
Kerberoasting – Active Directory Attack
ToddyCat APT
CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability and Digital Forensics
Wiper Malware – What is it and How to Detect?
Ransomware Detection Using Machine Learning
Due to the vast amount of data that is being generated every minute of every day, it has become impossible to rely on a few cyber security professionals to stop ransomware attacks without significant assistance from automated security tools.
How to Detect Ransomware Early
CSOC Analysts Cybersecurity Toolkit Arsenal
A Cyber Security Operations Center (CSOC) is made up of a team of cyber security analysts whose responsibilities are fully dedicated to hunting for vulnerabilities and indicators of compromise, and to investigating incidents and alarms generated by SIEM, XDR and other security monitoring platforms and tools.