2022 is Over But What Did We Learn From Our Work
Throughout the year, numerous new incidents and rising threats were unveiled to the horror of many. In 2022, the world […]
Why Threat Actors are Now using Rust to Develop New Ransomware?
Rust, a relatively new programming language, was introduced in 2015 and has since gained popularity for its pleasant developer experience […]
Methods to Perform Encrypted Traffic Analysis (ETA)
In addition to considerably enhancing security and user privacy, the introduction of network traffic encryption, such as TLS, has also […]
Why Compromise Assessment Should Be a Part of Your Threat Detection and Response Ecosystem
A typical compromise assessment plan uses specialized software and scripts combined with forensic data to find compromises or problems that […]
WIP19 APT Targeting Organizations in Middle East
With signed malware, a new cyberespionage group has been hitting telecom companies and IT service providers. The group, known as […]
Using Steganography to Hide Malware – Witchetty APT Case Study
Steganography has been used in the real world on the Windows and macOS operating systems. Attackers have been detected to […]
The Evolution of SideWinder APT and their Modus-Operandi
A suspected Indian threat actor group, SideWinder, has been operating at least since 2012. They have been seen attacking businesses, […]
Opera1er APT Group Targeting Banks, Financial Institutes, and Mobile Operators across Africa, Asia and LATAM
Since 2016, OPERA1ER, also known as DESKTOP-GROUP, Common Raven, and NXSMS, has been reported to operate with the intention of […]
Royal Ransomware
Royal has been in existence since at least the beginning of 2022, making it a relatively new business. The goal […]
How to Detect Typosquatting using DNSTwist
Typosquatting is a social engineering attack in which a threat actor registers domains with purposefully misspelled versions of well-known companies’ […]
Ursnif/Gozi Malware Evolution and Associated IoC
Gozi is a powerful piece of malware with a wide range of intricate characteristics. It began as a basic banking […]
Detecting Cyber-Attacks on Kubernetes Environment
Kubernetes is a container orchestration system that acts as a management abstraction layer. It is an open-source system that aids […]
An overview of FIN11 and their motivations
A financially driven threat group, FIN11, has run some of the most extensive and longest-running malware dissemination campaigns. Researchers have […]
Alert Advisory: Insight into APT42
APT42 is a state-sponsored cyber espionage group in Iran. The gang, which has been active at least since 2015, is […]
Recent Uber Breach and Lessons Learnt
Uber acknowledged reports of a widespread cybersecurity compromise on September 15th. The security investigation found that the company’s system had […]
Usage of NPPSpy
Extracting Windows credentials from domain-based hosts is one of the common attack techniques hackers use to obtain user credentials […]
Malware Evasion Techniques and Recommendations for Threat Protection
Malware evasion methods are frequently employed to evade detection, analysis, and comprehension. Due to the fact that sandboxes are now […]
DGA Detection Using Machine Learning
A domain generation algorithm (DGA) is an automation technique used by cyber attackers for a variety of attacks like data exfiltration, […]
Augmenting Traditional UEBA with ML and Deep Learning
User and entity behavior analytics (UEBA) is a threat detection technology that is based on analytics. UEBA employs machine learning […]
Tools Used for Dumping of RDPCreds via comsvcs.dll
Remote Desktop Protocol (RDP) is commonly used by administrators to manage Windows environments remotely. It is also typical for RDP […]
Sniffing Attacks – Packet Capture Techniques Used by Attackers
Sniffing attacks are data thefts caused by capturing network traffic with packet sniffers, which can illegally access and read unencrypted […]
LSASS Dumping Techniques
Local Security Authority Subsystem Service (LSASS) is the process on Microsoft Windows that handles all user authentication, password changes, creation […]
Common Reconnaissance Tools Used by Threat Actors
Reconnaissance consists of techniques that involve adversaries actively or passively gathering information that can be used to support targeting. Background […]