Skip to main content

Digital Forensics: Sleuthing A1

Whether providing valuable evidence that assists in the investigation and prosecutions of crime perpetrators or proving their innocence or as part of the post-breach investigation and incident response process in organizations of all sizes, digital forensics is a widely used craft by investigators in all sectors. The ever-growing advancements in information technology have potentially proven […]

Security Information and Event1

While there may be talk about SIEM joining the line of legacy technologies that are proclaimed “dead”, SIEM has been a core system for many security teams, and in different capacities. Furthermore, SIEM (along with its evolution) has been intertwined with relevant threats in the ecosystem as well as the market in which it is […]

Intrusion Prevention Systems: 1

Vulnerability assessment, the use of cyber intelligence feeds, attack surface management and other processes are all used to prevent threats from becoming security breaches. Organizations have also turned to solutions that detect and prevent cyberattacks by monitoring early indicators of attack in network traffic. After all, nearly all types of cyber threats use network communications […]

Intrusion Detection Systems: T1

Much of this focus has come about to address the sheer volume and sophistication of cyber threats in today’s landscape. The rise of malicious actors seeking to compromise data, steal information, disrupt services and cause damage has led to the implementation of numerous defense strategies, practices and technologies. Encrypting data, using firewalls to prevent unauthorized […]

JA3 Fingerprinting: Functional1

Consequently, if there’s one resounding principle actionable intelligence via internet scanning has taught us, it is that adopting a proactive attitude towards accurate threat identification and correlation is the necessary first step if we are serious (or even care) about evidence-based knowledge and contextualization dictating the flow of any successful investigation. This is particularly true […]

What is the NIST Cybersecurity1

Consequently, cyber attacks have become more widespread and sophisticated, impacting the critical infrastructures of many organizations and gaining access to their most valuable assets. Besides investing in technology, organizations should turn to relevant policies and industry standard frameworks to better inform their practices. It’s a critical step toward keeping data and systems secure and managing […]

Incident Response in Cybersecu1

We often say that in cybersecurity, it’s important to think about “when” an attack will occur, not “if” it will occur. And while being proactive is touted as the key to an organization’s most effective security posture, one should never dismiss the value of reactive security practices, either. Building up your defences against attacks and […]

Business Email Compromise (BEC1

Imagine this scenario: it’s tax season, and you work in the HR department. Your CEO sends you an email requesting copies of employee W-2s that include names, addresses, Social Security numbers, income data and tax information. With the sense of urgency that the tax season brings and a direct request from your CEO, what should […]

Kerberoasting Attacks Explaine1

This manifold implementation or process of brute forcing credential hashes within the Windows Active Directory ecosystem would soon become the de facto attack vector against the Kerberos protocol, leveraging certain exploitable authentication and encryption mechanisms of the popular MIT-born technology while embroiling the Redmond giant in a cascade of existential threats for years to come. […]