Phishing Attack:
Phishing attacks are a type of cyberattack in which attackers use fraudulent emails, messages, and websites to trick individuals into providing sensitive information such as u… Read More
Hybrid Analysis:
Hybrid Analysis is a robust open source malware scanning solution. It provides a dynamic environment for testing malicious software. Users can submit samples for comprehensi… Read More
Certificate Transparency (CT) is an open source framework for monitoring and detecting forged or fraudulent SSL certificates. Users’ browsers are often able to detect such forged SSL… Read More
In a move to protect its customers, Fortinet has released a warning regarding the recently patched vulnerability known as CVE-2023-27997. The company has reason to believe that it may have a… Read More
Severity: High
Summary of Research:
The current ongoing aggressive advertising campaign with deceptive Google ads promoting banned messaging systems such as Telegram specifically targets Chin… Read More
Synthesis of Analysis
Severity: Medium
Analysis Summary:
Exploiting a now-fixed vulnerability in Microsoft Outlook gives threat actors access to NT LAN Manager (NTLM) v2 hashed passwords when a… Read More
What is Nikto and how is it used:
Nikto is an open-source web server vulnerability scanner that is used by security professionals and enthusiasts to identify potential security issues on web servers… Read More
What is a YARA Rule?
A YARA Rule is employed for categorizing malware samples by creating descriptions that seek specific characteristics. These descriptions, termed "rules," can take the fo… Read More
FireEye has introduced a complimentary tool named Azure AD Investigator on GitHub, designed as an auditing script to ascertain whether the SolarWinds Hackers, also recognized as UNC2452, em… Read More
Malware is the short form of malicious software. As the name suggests, malicious code is code that does something illegal. It is deliberately created with the aim of causing serious damage to the targe… Read More
Ursnif is a banking Trojan and variant of the Gozi malware observed being spread through various automated exploit kits, spear-phishing attachments, and malicious links. Ursnif is associat… Read More
Linux Audit Logs cheatsheet – Detect & Respond Faster
Why is Linux better than Windows?
From the perspective of operating system research, Windows is not considered outdated, and… Read More
ICMP Attacks – Types & Codes for Log Analysis, Detection & Defense
The Internet Control Message Protocol (ICMP) is employed for reporting errors and conducting netwo… Read More
In 2021, the number of individuals accessing the network has reached billions, encompassing customers, vendors, and remote users. Among them, there are potential threats, including lon… Read More
Kerberos serves as a network authentication protocol, specifically designed to offer robust authentication for client/server applications through the utilization of secret-key cryptograph… Read More
To install malware and persist on a target while maneuvering laterally across the network, adversaries employ diverse evasive techniques. A highly effective method they employ involves reg… Read More
Adversaries leverage various Windows features to distribute malware. In this context, a Windows tool facilitates attackers in delivering compressed files to targets, extracting malicious… Read More
Windows event logs are a rich source of information on the occurrence of any incident; proactive monitoring of specific events will provide you with more information on the client's environment… Read More
In an era dominated by digital breakthroughs, the Security Operation Center (SOC) serves as a sentinel against the ever-changing panorama of cyber threats. At the heart of the SOC is a crit… Read More
A virus is a small piece of malicious software code that can replicate itself and spread from one host to another by attaching itself. Initially, the virus is inactive until the file is ope… Read More
Skills required for a Security Operations Center (SOC) analyst can vary based on the level of expertise, but generally, they include a combination of technical, analytical, and communicatio… Read More
How can we secure our system? Is there a specific protocol for system protection? This article explores the measures to safeguard our system against both external and internal threats. Befo… Read More