The Invisible Threat: How to Detect Physical Keystroke Injection Implants

- Posted in Threat Analyze by
The Invisible Threat: How to Detect Physical Keystroke Injection Implants
Background: In today's cybersecurity landscape, there are many attack types. One of them is hardware-based, which can be leveraged by threat actors to connect special keystroke injection devices into [...] Read more

No Way to Escape: Linux Malware Sandbox Detection Development Fundamental Component from Scratch

- Posted in Threat Analyze by
No Way to Escape: Linux Malware Sandbox Detection Development Fundamental Component from Scratch
Background: Linux malware is a rare example that can be encountered within an environment during its functional process. This presents a real challenge for beginners attempting malware analysis [...] Read more

Defending Against ClickFix and FakeCaptcha: Detection Techniques for Modern Malware Campaigns

- Posted in Hardenings by
Defending Against ClickFix and FakeCaptcha: Detection Techniques for Modern Malware Campaigns
Background: ClickFix or FakeCaptcha attacks have become a common component of many attack campaigns. These techniques enable threat actors, with the user's unwitting assistance, to execute arbitrary [...] Read more

Hardcoded Hazards: Detecting Secret Leaks in Source Code

- Posted in Other by
Hardcoded Hazards: Detecting Secret Leaks in Source Code
Background: Organizations often invest significant resources in research and development (R&D), which can carry substantial risks—especially when sensitive information is inadvertently exposed [...] Read more

Inside the Attack: How Smishing Campaigns Are Evolving with Covert Data Theft Methods

- Posted in Threat Analyze by
Inside the Attack: How Smishing Campaigns Are Evolving with Covert Data Theft Methods
Background: Recently, there has been a noticeable increase in attacks carried out by fraudsters. These attackers use various delivery methods, ranging from social media platforms to SMS messages and [...] Read more

Decrypting Hope: Strategies for Recovery from Ransomware Encryption

- Posted in Incident Response by
Decrypting Hope: Strategies for Recovery from Ransomware Encryption
Background: Sometimes, during incidents involving ransomware-related threat actors, the investigation into the recovery process can reveal solutions closer than you might think. It’s important to [...] Read more

A Holistic Approach to Organizational Incident Response Design: Integrating People, Process, and Technology

- Posted in Incident Response by
A Holistic Approach to Organizational Incident Response Design: Integrating People, Process, and Technology
Background: When an incident occurs in your environment, you should be prepared to respond effectively from the perspectives of people, processes, and technologies. Proper preparation ensures a [...] Read more

Navigating Incident Response When Logs Are Missing

- Posted in Incident Response by
Navigating Incident Response When Logs Are Missing
Background: In incident response log collection, you might encounter situations where EDR/XDR solutions or log collectors are not present on a machine. Additionally, some syslogs might be missing. [...] Read more

Achieving Persistence for Harmful Code on Specific Devices

- Posted in Other by
Achieving Persistence for Harmful Code on Specific Devices
Background: Some modern devices hold significant importance to attackers in the current threat landscape, especially mobile devices. The techniques used vary depending on the operating system [...] Read more

Exfiltrating Data via Images and Why trained Models Aren’t Ready for Malware Core Integration

- Posted in Other by
Exfiltrating Data via Images and Why trained Models Aren’t Ready for Malware Core Integration
Background: Today’s cybersecurity landscape is full of different malware families, and one notable type is infostealers. Infostealers operate by executing a payload on the victim’s machine, [...] Read more
Page 6 of 10