Blogs
As cybersecurity professionals, we encounter many cybersecurity issues, vulnerabilities, and trending threats on a daily basis. In an effort to share this knowledge with those who may find it helpful, we frequently post blogs on these topics. Our goal is to provide valuable information to those who are searching for it.
Hunting Down Remcos RAT: How CrowdStrike Update Mishaps Can Reveal Hidden Threats
Table Of Contents Background Threat Landscape Threat Hunting Importance of Hypothesis in Threat Hunting Methodologies of Hypothesis Based hunting Plan Document IOCs Gathering TTPs Information MITRE Mapping Behavioral Analysis Investigate Mitigate Conclusion Background Recently, the cybersecurity community faced a significant challenge worldwide due to a BSOD (Blue Screen of Death) error caused by a CrowdStrike update.
Read More
Threat Hunting with Windows Event Logs
Table Of Contents Introduction Event log structure in windows About Tools Logon Activity Groups Account Logon Enumeration Remote Desktop Connection (RDP) Network Share Schedule Tasks Services PowerShell WMI Removable Devices Log Clearing Detection About SayCure Hunting Approaches with SayCure Failed Logins Large numbers of failed logins on a single source within a small number of times.
Read More
Analysis on Stock Trading Nepal malware campaign
Table Of Contents Background Analysis Detection Through SayCure Indicator of Compromise Further Findings Recommendations Background In the recent event of time, there has been increase in scam and malware incidents in Nepal.
Read More
LogPoint and its SOAR
Table Of Contents LogPoint Introduction What is SOAR? Detection Installation Use case and trigger Playbooks Playbook Trigger (Automation) Conclusion If you are into the cyber world then you probably have heard of SIEM.
Read More
MSSPAlert lists CryptoGen Nepal for Top 250 MSSP Worldwide
Table Of Contents Introduction About us About CyberRisk Alliance Introduction CryptoGen Nepal is listed as Top 250 MSSP.
Read More
MEGA's Unlimited Cloud Storage Vulnerability
Background Back in June 2022, I found a flaw in the MEGA cloud storage system that let me store more data than they permit for free accounts.
Read More
Arithmetic Vulnerabilities in Smart Contracts
Forword This is fourth in a series of articles on vulnerabilities that smart contracts are susceptible to.
Read MoreSignature Malleability Vulnerabilities in Smart Contracts
Table Of Contents Foreword Contents Cryptography Basics Hashing Encryption Digital Signature Cryptography in Ethereum Elliptic Curve Cryptography Overview Point Addition Scalar Multiplication Key generation Signatures in Ethereum ECRECOVER Overview Security Risk Mitigation Measure References Foreword This is third in a series of articles on vulnerabilities that smart contracts are susceptible to.
Read MoreRe-entrancy Vulnerabilities in Smart Contracts
Table Of Contents Foreword Contents Re-entrancy Overview Security Risk Example Identification techniques Mitigation measures References Foreword This is second in a series of articles on vulnerabilities that smart contracts are susceptible to.
Read More