Malware Analysis Tools, Part 1
In this overview we introduce the selection of the most used and most usable malware analysis tools.
Latest Posts
APT Cobalt Strike Campaign targeting Slovakia (DEF CON talk)
In March 2021 our researchers discovered APT campaign targeting Slovakia. We found that this campaign has been active at least since February 2021 and some C&C servers were still active in June 2021.
Supply chain attacks – Attacks on trust
The overall state of IT security can be described as never-ending wild arms race between attackers and defenders, vying for control over the single most valuable thing organizations possess – data.
Threat hunting with Osquery, Part 3 – Interaction with user accounts
Part 3 – Interaction with user accounts Frequent attacker strategical goal is to gain access to sensitive organization data and partial tactical goal to gain control over key infrastructure components.
From the Dark Web data to domain controller access
From the Dark Web data to domain controller access In previous articles, we have discussed what the dark web is and what data we can find there.
Threat hunting with Osquery, Part 2 – Command and Control
Part 2 – Command and Control After gaining initial access to a device, the attackers try to establish command and control (C&C, C2) over the device with the aim to use it in following stages of the attack.
Revil Ransomware used in Kaseya
Attackers compromised up to 1500 companies during massive ransomware attack, which is now reported as one of the largest cyber attacks ever.
Threat hunting with Osquery, Part 1 – Persistence
Part 1 – Persistence In the following three-part series, we will show a number of examples using Osquery for hunting of cyber threats on Windows machines.
What data is on the Dark Web?
Definition of the Dark Web The dark web is a part of the internet that is accessible through special software or settings, where the idea is a maximally anonymized access for its users.