Yara

by
This entry is part 14 of 25 in the series Threat Detection Engineering

Views: 40“The pattern matching swiss knife for malware researchers (and everyone else)”  Useful Yara Resources Various Github repositories provide a wealth of examples of YARA, https://github.com/Yara-Rules/rules/tree/master/malware https://github.com/mikesxrs/Open-Source-YARA-rules/tree/masterUseful Yara Rules Repositories The DFIR Report” shares YARA rules derived from their investigations, https://github.com/The-DFIR-Report/Yara-RulesYara DFIR Report YARA in a nutshell YARA is a tool aimed at (but not limited … Read more

Web Attacks

by
This entry is part 2 of 3 in the series Offensive Testing Enterprise Networks

Views: 17Enumeration & Brute Force Authentication enumeration is a fundamental aspect of security testing, concentrating specifically on the mechanisms that protect sensitive aspects of web applications; this process involves methodically inspecting various authentication components ranging from username validation to password policies and session management. Each of these elements is meticulously tested because they represent potential … Read more

NIST Cybersecurity Framework (CSF) and ISO/IEC 27001

by
close up view of system hacking
This entry is part 2 of 3 in the series Cyber Security Frameworks

Views: 9NIST Cybersecurity Framework (CSF) and ISO/IEC 27001 NIST CSF Functions and Categories to ISO/IEC 27001 Annex A Controls Identify (ID) Protect (PR) Detect (DE) Respond (RS) Recover (RC) NIST SP 800-53 to ISO/IEC 27001 Annex A Controls Access Control (AC) Awareness and Training (AT) Audit and Accountability (AU) Security Assessment and Authorization (CA) Configuration … Read more

Digital Operational Resilience Act (DORA)

by
close up view of system hacking
This entry is part 3 of 3 in the series Cyber Security Frameworks

Views: 17Understanding the Digital Operational Resilience Act (DORA): A Comprehensive Overview In an era where digitalization permeates every aspect of our lives, the importance of cybersecurity and operational resilience has never been more critical. The European Union’s Digital Operational Resilience Act (DORA) stands as a landmark regulatory framework aimed at enhancing the digital operational resilience … Read more

CTI_June2024: Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

by

Views: 12SOURCE: MS-ISAC TLP:CLEARMS-ISAC CYBERSECURITY ADVISORY MS-ISAC ADVISORY NUMBER:2024-074 DATE(S) ISSUED:06/25/2024 SUBJECT:Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution OVERVIEW:Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged … Read more

THREAT EMULATION: Introduction

by
This entry is part 4 of 17 in the series Red Team Engagements

Views: 59 Purpose of Threat Emulation Threat emulation is meant to assist security teams and organisations, in general, in better understanding their security posture and their defence mechanisms and performing due diligence in their compliance. These questions are addressed through cyber security assessments, mainly red team engagements, vulnerability assessments and penetration tests. Vulnerability assessments are … Read more

Decoding

by

Views: 10Most commonly used text encoding methods: Base64 Identifying Base64: base64 encoded strings are easily spotted since they only contain alpha-numeric characters. However, the most distinctive feature of base64 is its padding using = characters. The length of base64 encoded strings has to be in a multiple of 4. If the resulting output is only 3 characters long, for example, an extra = is … Read more