Hardenings

All the information related to the technical hardening of assets

Part 1: Kernel protection preventive mechanisms in Linux systems and methods for monitoring them

- Posted in Hardenings by
The Linux kernel implements several protection mechanisms, including: Lockdown mode (Kernel, kernel security feature), SLUB/SLAB hardening (Kernel, kernel security feature), Kernel Address Space Layout [...]

Custom Approaches to Vulnerability Detection in Docker Containers

- Posted in Hardenings by
Background: Today, the industry already provides the capability to use dedicated scanners for Docker images and containers. However, what if you do not have the budget to acquire such tools? In this [...]

Defending Against ClickFix and FakeCaptcha: Detection Techniques for Modern Malware Campaigns

- Posted in Hardenings by
Background: ClickFix or FakeCaptcha attacks have become a common component of many attack campaigns. These techniques enable threat actors, with the user's unwitting assistance, to execute arbitrary [...]

Mitigating Cloud Risks: Simple Steps to Prevent Incidents

- Posted in Hardenings by
Background: Based on well-known practices and yearly reviews across infosec industry channels, a significant part of the incidents occurring in the cloud are primarily caused by misconfigurations of [...]

Fortifying Cyber Defenses: Correlating Data Leaks, LLMs, and Official Guidelines to Combat Ransomware

- Posted in Hardenings by
Background: I came across an interesting method that highlights why integrating Threat Intelligence, Official Recommendations, and LLMs can create a more robust perimeter to combat threats like [...]

From Sigma to Scale: Enhancing SIEM Detection Engineering in Cloud Environments

- Posted in Hardenings by
Background: It's no surprise that even security tools require maintenance, especially when scaling. Based on your chosen strategy, security detection engineers should review their environment every [...]

T1590.001: Exposed Domain Registration Records – A Tool for Both Threat Actors and Cyber Defenders

- Posted in Hardenings by
Background: Before coming across this shared article, I noticed an interesting correlation: sometimes, domain registrar customers forget to enable email privacy. Once this oversight is discovered, [...]

Windows Subsystem for Linux: Addressing Security Misconceptions and Risks

- Posted in Hardenings by
One of the great features of Windows is its ability to run Linux distributions through the Windows Subsystem for Linux (WSL). However, have you ever considered what actions you can perform in this [...]

Attacks over typosquatted domains and the way of detection

- Posted in Hardenings by
Background: At the core of many successful attacks lies a simple idea: exploiting human perceptual weaknesses combined with psychological manipulation. One common method to achieve this is by using [...]

Mitigating the Risk: CVE-2024-39929 and Securing Exim Servers

- Posted in Hardenings by
Background: Exim is a mail transfer agent designed for Unix-like systems, providing flexible capabilities for managing your own email server. It serves as the entry point for email communication [...]