Home » Archive for April 2025

Navigating Incident Response When Logs Are Missing

- Posted in Incident Response by
Navigating Incident Response When Logs Are Missing
Background: In incident response log collection, you might encounter situations where EDR/XDR solutions or log collectors are not present on a machine. Additionally, some syslogs might be missing. [...] Read more

Achieving Persistence for Harmful Code on Specific Devices

- Posted in Other by
Achieving Persistence for Harmful Code on Specific Devices
Background: Some modern devices hold significant importance to attackers in the current threat landscape, especially mobile devices. The techniques used vary depending on the operating system [...] Read more

Exfiltrating Data via Images and Why trained Models Aren’t Ready for Malware Core Integration

- Posted in Other by
Exfiltrating Data via Images and Why trained Models Aren’t Ready for Malware Core Integration
Background: Today’s cybersecurity landscape is full of different malware families, and one notable type is infostealers. Infostealers operate by executing a payload on the victim’s machine, [...] Read more

Mitigating Cloud Risks: Simple Steps to Prevent Incidents

- Posted in Hardenings by
Mitigating Cloud Risks: Simple Steps to Prevent Incidents
Background: Based on well-known practices and yearly reviews over the infosec industry channels, a significant part of incidents occurring in the cloud are primarily caused by misconfigurations of [...] Read more