cybersecurity

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

Red-Team

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

The Diamond Ticket attack represents an advanced exploitation technique targeting Active Directory environments by manipulating Kerberos authentication...

Credential Dumping via Active Directory User Comments: Risks and Mitigations

News

Credential Dumping via Active Directory User Comments: Risks and Mitigations

Active Directory (AD) credential dumping remains a significant threat, with attackers increasingly exploiting overlooked attributes like user...

Kerberos Username Enumeration: Detection and Mitigation Strategies for Enterprise Security Teams

Blue-Team

Kerberos Username Enumeration: Detection and Mitigation Strategies for Enterprise Security Teams

Kerberos pre-authentication brute-force attacks pose a significant risk to Active Directory environments, enabling attackers to identify valid...

Active Directory Security: Mitigating Risks from Pre-Windows 2000 Compatibility Weaknesses

Blue-Team

Active Directory Security: Mitigating Risks from Pre-Windows 2000 Compatibility Weaknesses

Legacy configurations in Active Directory (AD) often introduce security vulnerabilities, and one of the most persistent risks...

Shadow Credentials Attack: Exploiting Active Directory for Stealthy Privilege Escalation

Blue-Team

Shadow Credentials Attack: Exploiting Active Directory for Stealthy Privilege Escalation

A Shadow Credentials attack is an advanced exploitation technique targeting Active Directory Certificate Services (AD CS), enabling...

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

APT-News

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

A sophisticated phishing campaign dubbed “0ktapus” successfully bypassed multi-factor authentication (MFA) protections to compromise over 130 organizations,...

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Red-Team

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Active Directory (AD) remains a prime target for attackers due to its central role in enterprise authentication...

Advanced Netsniff-ng: Enterprise-Grade Packet Analysis for Security Teams

Blue-Team

Advanced Netsniff-ng: Enterprise-Grade Packet Analysis for Security Teams

Netsniff-ng represents a paradigm shift in network traffic analysis, offering security professionals a zero-copy, high-performance toolkit for...

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Blue-Team

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Tcpick provides security teams with specialized capabilities for reconstructing and analyzing TCP streams from packet captures. This...

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

News

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Network traffic analysis often reveals hidden artifacts, including images transferred over HTTP. These images can contain valuable...

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

News

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

Security teams at enterprise organizations can leverage Shodan’s command-line interface (CLI) to enhance external threat intelligence gathering....

How to Use CSPLIT for Efficient Log Management in Security Operations

News

How to Use CSPLIT for Efficient Log Management in Security Operations

Security professionals often deal with large log files that can be cumbersome to analyze. The csplit utility...

Autonomous SOC Revolution: How AI is Transforming Cybersecurity Defense

Blue-Team

Autonomous SOC Revolution: How AI is Transforming Cybersecurity Defense

The security operations center (SOC) is undergoing a radical transformation through AI and cloud-native detection technologies. Traditional...

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

Malware Analysis

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

A new variant of the POWLOAD Trojan has emerged, leveraging COVID-19 themes to target Italian users through...

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Malware Analysis

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

A new malware campaign has been identified distributing trojanized versions of Zoom installers bundled with cryptocurrency mining...

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

Malware Analysis

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

A newly identified backdoor malware, Backdoor.Win32.DEVILSHADOW.THEAABO, has been discovered embedded in counterfeit Zoom installer packages. This threat...

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Malware Analysis

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Backdoor.MSIL.BLADABINDI.THA represents a concerning Windows-based backdoor malware that security teams should monitor, particularly due to its recent...

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Malware Analysis

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.MSIL.SUPERNOVA.A represents a significant Windows-based threat with high damage potential despite its currently limited distribution. First identified...

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Malware Analysis

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Trojan.INF.HIDDENTEAR.THAOGBA is a Windows-based Trojan classified as low-risk by Trend Micro. It spreads through malicious downloads or...

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Malware Analysis

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

Summary: Ransom.MSIL.COBRALOCKER.AA represents a Windows-targeting ransomware strain first identified in January 2021, demonstrating low distribution but high...

Posts pagination

Previous 1 … 3 4 5 6 7 8 9 … 12 Next

cybersecurity

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

Credential Dumping via Active Directory User Comments: Risks and Mitigations

Kerberos Username Enumeration: Detection and Mitigation Strategies for Enterprise Security Teams

Active Directory Security: Mitigating Risks from Pre-Windows 2000 Compatibility Weaknesses

Shadow Credentials Attack: Exploiting Active Directory for Stealthy Privilege Escalation

0ktapus Phishing Campaign: How MFA Spoofing Compromised 130+ Organizations

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Advanced Netsniff-ng: Enterprise-Grade Packet Analysis for Security Teams

TCP Stream Analysis with Tcpick: A Security Professional’s Guide to PCAP Forensics

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Advanced Shodan CLI Techniques for Security Professionals: xargs, Download & Parse

How to Use CSPLIT for Efficient Log Management in Security Operations

Trojan.PS1.POWLOAD.JKP: COVID-19 Themed PowerShell Malware Targeting Italian Users

Trojanized Zoom Installers Deliver Cryptocurrency Miner: Analyzing Trojan.Win32.MOOZ.THCCABO

Fake Zoom Installers Deliver Backdoor.Win32.DEVILSHADOW.THEAABO Malware

Backdoor.MSIL.BLADABINDI.THA: Analyzing the Persistent Windows Backdoor Threat

Trojan.MSIL.SUPERNOVA.A: Technical Analysis of the Windows Trojan Threat

Trojan.INF.HIDDENTEAR.THAOGBA: Analysis of a Low-Risk Windows Trojan with Autorun Persistence

Ransom.MSIL.COBRALOCKER.AA: Technical Analysis of an Evolving Ransomware Threat

You may have missed

Trump Administration Considers TikTok Deal Allowing Chinese Algorithm Ownership

How Intezer’s AI SOC Balances Automation with Human Expertise

How Security Platformization Improves Threat Response and Operational Efficiency

World Backup Day: Essential Strategies for Enterprise Data Protection