Defending Against ClickFix and FakeCaptcha: Detection Techniques for Modern Malware Campaigns

- Posted in Hardenings by
Defending Against ClickFix and FakeCaptcha: Detection Techniques for Modern Malware Campaigns
Background: ClickFix or FakeCaptcha attacks have become a common component of many attack campaigns. These techniques enable threat actors, with the user's unwitting assistance, to execute arbitrary [...] Read more

Hardcoded Hazards: Detecting Secret Leaks in Source Code

- Posted in Other by
Hardcoded Hazards: Detecting Secret Leaks in Source Code
Background: Organizations often invest significant resources in research and development (R&D), which can carry substantial risks—especially when sensitive information is inadvertently exposed [...] Read more

Inside the Attack: How Smishing Campaigns Are Evolving with Covert Data Theft Methods

- Posted in Threat Analyze by
Inside the Attack: How Smishing Campaigns Are Evolving with Covert Data Theft Methods
Background: Recently, there has been a noticeable increase in attacks carried out by fraudsters. These attackers use various delivery methods, ranging from social media platforms to SMS messages and [...] Read more

Decrypting Hope: Strategies for Recovery from Ransomware Encryption

- Posted in Incident Response by
Decrypting Hope: Strategies for Recovery from Ransomware Encryption
Background: Sometimes, during incidents involving ransomware-related threat actors, the investigation into the recovery process can reveal solutions closer than you might think. It’s important to [...] Read more

A Holistic Approach to Organizational Incident Response Design: Integrating People, Process, and Technology

- Posted in Incident Response by
A Holistic Approach to Organizational Incident Response Design: Integrating People, Process, and Technology
Background: When an incident occurs in your environment, you should be prepared to respond effectively from the perspectives of people, processes, and technologies. Proper preparation ensures a [...] Read more

Navigating Incident Response When Logs Are Missing

- Posted in Incident Response by
Navigating Incident Response When Logs Are Missing
Background: In incident response log collection, you might encounter situations where EDR/XDR solutions or log collectors are not present on a machine. Additionally, some syslogs might be missing. [...] Read more

Achieving Persistence for Harmful Code on Specific Devices

- Posted in Other by
Achieving Persistence for Harmful Code on Specific Devices
Background: Some modern devices hold significant importance to attackers in the current threat landscape, especially mobile devices. The techniques used vary depending on the operating system [...] Read more

Exfiltrating Data via Images and Why trained Models Aren’t Ready for Malware Core Integration

- Posted in Other by
Exfiltrating Data via Images and Why trained Models Aren’t Ready for Malware Core Integration
Background: Today’s cybersecurity landscape is full of different malware families, and one notable type is infostealers. Infostealers operate by executing a payload on the victim’s machine, [...] Read more

Mitigating Cloud Risks: Simple Steps to Prevent Incidents

- Posted in Hardenings by
Mitigating Cloud Risks: Simple Steps to Prevent Incidents
Background: Based on well-known practices and yearly reviews over the infosec industry channels, a significant part of incidents occurring in the cloud are primarily caused by misconfigurations of [...] Read more

Acquiring Memory in Digital Forensics: Vendor Tools vs. Custom Solutions

- Posted in Other by
Acquiring Memory in Digital Forensics: Vendor Tools vs. Custom Solutions
Background: Before analyzing volatility memory , there is a crucial preparatory stage: defining the tool scope for memory acquisition. In this phase, there are two primary approaches—either [...] Read more
Page 1 of 5