Powered By TEKGENX CONSULTING
Views: 242Adversary emulation with Caldera and Wazuh Please visit here to read PART I of this series, which explains the Caldera setup and Windows agent installation. Agent setup Deploy Agents on Linux machines Now, the lab consists of 2 Windows victims and 1 Linux victim, as reported by Caldera below. Configure Sysmon on Windows victims … Read more
Views: 80Understanding Logs in Infrastructure Systems Logs and Their Role Log Analysis What Are Logs? Definition Log Entry Components Sample Log Analysis Importance of Logs 1. System Troubleshooting 2. Cybersecurity Incident Response 3. Threat Hunting 4. Compliance Types of Logs in Computing Environments Integrative Analysis Data Visualization Data visualization tools, such as Kibana (of the … Read more
Views: 1013Step-by-Step Guide to Install MISP Using Docker on Ubuntu In this guide, we will walk through the steps to install the MISP (Malware Information Sharing Platform) using Docker on an Ubuntu server. Prerequisites Before we begin, make sure your system meets the following requirements: Step 1: Update Your Server and Install Docker First, ensure … Read more
Views: 44“The pattern matching swiss knife for malware researchers (and everyone else)” Useful Yara Resources Various Github repositories provide a wealth of examples of YARA, https://github.com/Yara-Rules/rules/tree/master/malware https://github.com/mikesxrs/Open-Source-YARA-rules/tree/masterUseful Yara Rules Repositories The DFIR Report” shares YARA rules derived from their investigations, https://github.com/The-DFIR-Report/Yara-RulesYara DFIR Report YARA in a nutshell YARA is a tool aimed at (but not limited … Read more
Views: 9NIST Cybersecurity Framework (CSF) and ISO/IEC 27001 NIST CSF Functions and Categories to ISO/IEC 27001 Annex A Controls Identify (ID) Protect (PR) Detect (DE) Respond (RS) Recover (RC) NIST SP 800-53 to ISO/IEC 27001 Annex A Controls Access Control (AC) Awareness and Training (AT) Audit and Accountability (AU) Security Assessment and Authorization (CA) Configuration … Read more
Views: 17Understanding the Digital Operational Resilience Act (DORA): A Comprehensive Overview In an era where digitalization permeates every aspect of our lives, the importance of cybersecurity and operational resilience has never been more critical. The European Union’s Digital Operational Resilience Act (DORA) stands as a landmark regulatory framework aimed at enhancing the digital operational resilience … Read more
Views: 45Understanding Windows Event Logs Each entry in the Windows Event Log is an “Event” and contains the following primary components: Windows logon types and logon codes Logs with event IDs 4624 and 4625 are generated every time there is a successful or failed logon on a local computer, respectively. In Windows, there are several … Read more
