Blogs
As cybersecurity professionals, we encounter many cybersecurity issues, vulnerabilities, and trending threats on a daily basis. In an effort to share this knowledge with those who may find it helpful, we frequently post blogs on these topics. Our goal is to provide valuable information to those who are searching for it.
Hunting Down Remcos RAT: How CrowdStrike Update Mishaps Can Reveal Hidden Threats
Table Of Contents Background Threat Landscape Threat Hunting Importance of Hypothesis in Threat Hunting Methodologies of Hypothesis Based hunting Plan Document IOCs Gathering TTPs Information MITRE Mapping Behavioral Analysis Investigate Mitigate Conclusion Background Recently, the cybersecurity community faced a significant challenge worldwide due to a BSOD (Blue Screen of Death) error caused by a CrowdStrike update.
Read More
Reversing Malware Internals: DarkGate v6
Table Of Contents Execution Flow Technical Analysis Initial Stager URL Obfuscation Second Stager CAB Extraction & Execution by DLL Third Stager DLL SideLoading Decrypting Files from Encryted Dropper Drop Next Stager Files Fourth Stager Decrypting Obfuscated Autoit (.
Read More
Hunting Down Remcos RAT: How CrowdStrike Update Mishaps Can Reveal Hidden Threats
Table Of Contents Background Threat Landscape Threat Hunting Importance of Hypothesis in Threat Hunting Methodologies of Hypothesis Based hunting Plan Document IOCs Gathering TTPs Information MITRE Mapping Behavioral Analysis Investigate Mitigate Conclusion Background Recently, the cybersecurity community faced a significant challenge worldwide due to a BSOD (Blue Screen of Death) error caused by a CrowdStrike update.
Read More
Maximizing SIEM Efficiency: A Guide to Prioritizing Log Sources for Effective SOC Implementation
Table Of Contents Understanding the Importance of Log Sources in SIEM Key Considerations for Prioritizing Log Sources 1.
Read MoreAnalysis on “MalDoc in PDF”
Table Of Contents Introduction: Identification: Analysis Static Analysis Dynamic Analysis: Detection with YARA: IoC: Introduction: This year, in July, a new “MalDoc in PDF” attack which could evade detection and analysis was shared by JPCERT.
Read MoreBlack Basta 1.0 Ransomware
Table Of Contents Introduction Case Study: Black Basta 1.0 Identification Analysis MITRE ATT&CK TTP: Detection with YARA: This blog will be covering code level analysis of Black Basta 1.
Read MoreMalware Families Attempting to Exploit Legacy Vulnerability (CVE-2017–11882)
Table Of Contents Introduction: CVE-2017–11882 Summary: Technical Analysis: Identification: Analysis: Recommendations: Conclusion: Introduction: CVE-2017–11882, a 6-year-old vulnerability in Microsoft Office, is still being attempted to exploit by several malware families.
Read MoreRhysida 0.1 Ransomware
Table Of Contents Introduction: Case Study: Rhysida 0.1 Ransomware Identification: Analysis: MITRE ATT&CK TTP: Detection with YARA: Conclusion: Introduction: arlier this year, in May, Rhysida, a new ransomware strain has surfaced.
Read More
Analysis on malware imposing as adult content of Nepali celebrity
Table Of Contents Background Analysis MITRE ATT&CK TTP Further Findings Indicator of Compromise (IoC) Recommendations Background In the recent month, there is misinformation circulating concerning leaks of private video of Nepali female celebrities.
Read More