Incident Response

All the technical implementations related to incident response

Scalable Snapshot Management in the Cloud for Windows and Linux Systems: Best Practices for Data Security and Forensics

- Posted in Incident Response by
Background: During a cybersecurity incident in the cloud, one of the mandatory steps is to take a snapshot of the machine that contains the threat, isolate it, and preserve the snapshot or filesystem [...]

Preparing and Building Forensic Tools for Volatile Memory Acquisition: Techniques and Best Practices [ Part 2.5 ]

- Posted in Incident Response by
Background: In my previous article, I covered, at a high level, all the necessary actions required to prepare for volatile memory dumping in the case of a cybersecurity incident. This process is [...]

Building a Forensic USB Drive: Tools and Techniques for Imaging [ PART 1.5 ]

- Posted in Incident Response by
Background: In a previous article, I discussed the high-level preparations needed to acquire an image of a machine requiring forensic analysis. However, have you considered the caveats related to [...]

Forensic Analysis Preparation: Preserving Logs in Windows Cloud Environments [ PART 3 ]

- Posted in Incident Response by
Background: In contrast to classic logging systems that preserve on-premises data, cloud systems require some familiarity with the components provided by cloud vendors. To prepare for cloud [...]

Forensic Analysis Preparation for Windows Operating Systems in Incident Response: Utilizing Volatility for Memory Analysis [ PART 2 ]

- Posted in Incident Response by
Background: In our previous article, we discussed the preparation needed for the "log collection" stage of incident response, which is essential for the "analysis" stage. We covered how to prepare [...]

Forensic Analysis Preparation of Windows Operating Systems in Incident Response [ PART 1 ]

- Posted in Incident Response by
Background: During incident response, one often encounters situations requiring the acquisition of logs for forensic analysis to assess the impact of an incident. There are three primary methods for [...]

Aligning Malware Analysis Stages with the MITRE ATT&CK Framework: A Unified Approach to Threat Detection and Response

- Posted in Incident Response by
Background: In incident response, knowing how to analyze malware is crucial. Relying only on sandboxes to study malware behavior often isn't enough. Sandboxes might miss important details that could [...]

RegreSSHion CVE-2024-6387 as a chunk of attack

- Posted in Incident Response by
Background: Qualys researchers have announced that a side effect, stemming from the default inclusion of OpenSSH in Ubuntu systems and widespread use in other distros, allowed them to achieve Remote [...]

Understanding Supply Chain Attacks: The Case of Polyfill CDN

- Posted in Incident Response by
Background: A supply chain attack involving a popular JavaScript library being served over a dedicated content delivery network (CDN) could result in the injection of harmful code into web pages that [...]