Blogs

As cybersecurity professionals, we encounter many cybersecurity issues, vulnerabilities, and trending threats on a daily basis. In an effort to share this knowledge with those who may find it helpful, we frequently post blogs on these topics. Our goal is to provide valuable information to those who are searching for it.

Hunting Down Remcos RAT: How CrowdStrike Update Mishaps Can Reveal Hidden Threats
Simran Karki
July 22, 2024

Table of Contents: Background; Threat Landscape; Threat Hunting; Importance of Hypothesis in Threat Hunting; Methodologies of Hypothesis Based Hunting; Plan; Document; IOCs Gathering; TTPs Information; MITRE Mapping; Behavioral Analysis; Investigate; Mitigate; Conclusion

Background: Recently, the cybersecurity community faced a significant challenge worldwide due to a BSOD (Blue Screen of Death) error caused by a CrowdStrike update.

Reversing Malware Internals: DarkGate v6
September 8, 2024

Table of Contents: Execution Flow; Technical Analysis; Initial Stager; URL Obfuscation; Second Stager; CAB Extraction & Execution by DLL; Third Stager; DLL SideLoading; Decrypting Files from Encrypted Dropper; Drop Next Stager Files; Fourth Stager; Decrypting Obfuscated Autoit (.

Maximizing SIEM Efficiency: A Guide to Prioritizing Log Sources for Effective SOC Implementation
Shreenkhala Bhattarai
September 12, 2023

Table of Contents: Understanding the Importance of Log Sources in SIEM; Key Considerations for Prioritizing Log Sources; 1.

Analysis on “MalDoc in PDF”
September 7, 2023

Table of Contents: Introduction; Identification; Analysis; Static Analysis; Dynamic Analysis; Detection with YARA; IoC

Introduction: This year, in July, a new “MalDoc in PDF” attack that could evade detection and analysis was shared by JPCERT.

Black Basta 1.0 Ransomware
September 7, 2023

Table of Contents: Introduction; Case Study: Black Basta 1.0; Identification; Analysis; MITRE ATT&CK TTP; Detection with YARA

This blog will be covering code-level analysis of Black Basta 1.

Malware Families Attempting to Exploit Legacy Vulnerability (CVE-2017-11882)
September 7, 2023

Table of Contents: Introduction; CVE-2017-11882 Summary; Technical Analysis; Identification; Analysis; Recommendations; Conclusion

Introduction: Several malware families are still attempting to exploit CVE-2017-11882, a 6-year-old vulnerability in Microsoft Office.

Rhysida 0.1 Ransomware
September 7, 2023

Table of Contents: Introduction; Case Study: Rhysida 0.1 Ransomware; Identification; Analysis; MITRE ATT&CK TTP; Detection with YARA; Conclusion

Introduction: Earlier this year, in May, Rhysida, a new ransomware strain, surfaced.

Analysis of malware posing as adult content of a Nepali celebrity
March 20, 2023

Table of Contents: Background; Analysis; MITRE ATT&CK TTP; Further Findings; Indicator of Compromise (IoC); Recommendations

Background: In the past month, misinformation has been circulating about leaked private videos of Nepali female celebrities.