The process of stealing data from a corporate system is also known as exfiltration. MITRE ATT&CKĀ® has dedicated an entire tactic to illegal copying, downloading, and transferring of organizationsā internal data with significant levels of sensitivity. Data exfiltration examples can be quite obvious, like copying files to a thumb drive; and quite stealthy, like DNS […]
The method of a secure cryptographic key exchange was introduced by Whitfield Diffie and Martin Hellman in 1976. Cool thing about the public and private key pair is that the decryption key cannot be deciphered in any way from an encryption key.Ā This feature is exactly whatās exploited by ransomware actors who encrypt data and […]
Lots of children break things not because they are little evil creatures but because they are curious about āhow itās made.ā Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world.Ā Malware analysis is the process of studying a malware sample to understand what […]
The cybersecurity community is facing a crisis caused by the escalating threat of high-profile ransomware attacks. Advancing the trend of 2020, ransomware continues to be the number one problem in 2021, with the increasing sophistication of intrusions and a constantly growing number of malicious affiliates.Ā Big enterprises remain to be the primary target. Yet, the […]
About a week ago we got this info from one of our partners āWe are seeing phishing emails flying in our environment (Internal to Internal)ā along with sharing an email sample with us. Today weāre going to analyze the recent phishing attacks targeted at Fortune 500 and Global 2000 companies dubbed āStealthphishā aimed at compromising […]
Itās been a hot summer for security industry: in less than a week since the initially suspected ransomware Petya.A has turned out to be much more than meets the eye. Security researchers around the world have rightfully dubbed it NotPetya and EternalPetya, as the malware was never meant to ask for ransom ā it was […]
Good news everyone! After a rather long day, night and morning of studying the news, researching and hunting the #WannaCryĀ ransomwarewormĀ there are some discoveries to be shared.. This includesĀ HostĀ andĀ NetworkĀ IOCs, their analysis obtained with help of fellowĀ security researchersĀ and practitioners, review of C2 infrastructure and its interactions with Tor. Last but not least are some freeĀ SIEM use casesĀ that […]
Hello everyone! Today we will focus on the fresh example of the simple phishing from the actual practice as always. Letās analyze the following letter:
Letās proceed to studying a stage of attack called āDeliveryā from Lockheed Martin Cyber Kill Chain. Much can be said about this stage, but today Iāll just share parsing of one sample which I have recently received for analysis. The sample attracted my attention because of its simplicity on one hand and its sophistication on […]