Cybersecurity threat portal

Background: In a previous article, we discussed the method for creating a USB flash drive to acquire forensic images. In this article, I'll explain how to leverage the previously created tool during [...] Read more

Background: Incident response is divided into two parts: hands-on activities and management activities. We have discussed hands-on activities extensively. However, if we want to present the activity [...] Read more

Background: Sometimes, during incidents involving ransomware-related threat actors, the investigation into the recovery process can reveal solutions closer than you might think. It’s important to [...] Read more

Background: When an incident occurs in your environment, you should be prepared to respond effectively from the perspectives of people, processes, and technologies. Proper preparation ensures a [...] Read more

Background: In incident response log collection, you might encounter situations where EDR/XDR solutions or log collectors are not present on a machine. Additionally, some syslogs might be missing. [...] Read more

Background: In the previous article, we discussed how files are stored inside drives and highlighted the essential metrics to consider after acquiring the storage footprint. Now, we will dive deeper [...] Read more

Background: In one of our previous articles, I've introduced the process of preparing a USB drive/tool for forensic analysis. Now, it is time to delve one level deeper and explore the key points that [...] Read more

Background: That being said, the incident response subprocess, from the perspective of budgeting and complexity, is not necessarily easy. However, today's tooling and built-in tools provide us with [...] Read more

Background: Brand protection is one of the pillars of your online business. When your digital presence is impactful, various threat actors and similar entities may try to exploit it by impersonating [...] Read more

Background: During the incident response stage of "Log Collection," it is highly valuable to collect comprehensive data from the servers, especially when the affected system is running Windows OS. [...] Read more