The Rise of IPFS Phishing
Phishing attacks are still one of the most prevalent methods for threat actors to get access, and they pose a […]
DCSync Attacks Explained
Once an attacker gets access to a Windows endpoint, they can access credentials saved in clear text or as a […]
CVE-2023-34039: Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks
The VMware Aria management and monitoring package provides full-scope operations management, IT automation, log management, analytics creation, network visibility, and […]
Evidence Leads to Lazarus as the VMConnect Supply Chain Attack Continues
Recently, Sonatype and ReversingLabs analyzed the fraudulent PyPI package ‘VMConnect,’ developed to imitate the authentic VMware vSphere connector module […]
DGA Detection Using Machine Learning
A Domain Generation Algorithm (DGA) is an automation technique used by cyber attackers for a variety of attacks like data exfiltration, […]
LSASS Dumping Techniques
Local Security Authority Subsystem Service (LSASS) is the process on Microsoft Windows that handles all user authentication, password changes, creation […]
SSO SAML Tokens Attack
SAML (In)Security: Security Assertion Markup Language (SAML) is a method for exchanging authentication and authorization between trusted parties. It’s essentially […]
ToddyCat APT
ToddyCat, a relatively new Chinese-speaking Advanced Persistent Threat, has been targeting and exploiting vulnerable Exchange Servers throughout Europe and […]
Ransomware Detection Using Machine Learning
Gone are the days of manual security analysis that cyber security teams used to perform to track down and stop […]
How to Detect Ransomware Early
The proliferation of ransomware attacks in the past decade has brought many challenges to companies and cyber security teams worldwide. […]
CSOC Analysts Cybersecurity Toolkit Arsenal
It is safe to say that organizations worldwide have different infrastructure setups, technology, software, and different network architecture types. No […]