Other

Everything which is not related to other sections

Supply Chain Risk: Exploiting Abandoned Domains of Linux Package Maintainers

- Posted in Other by
Background: In my recent articles, we discussed a lot of various supply chain attack scenarios. This led me to think about a new type of supply chain attack, specifically targeting Linux package [...] Read more

Adversarial nation IT talent

- Posted in Other by
Background: Sometimes, as an organization grows, it needs to hire specialists for remote work. However, you can never be certain whether the person standing opposite you is an impostor attempting to [...] Read more

Infinity War: Threat in the Docker Images

- Posted in Other by
Background: In one of our previous articles, we discussed analyzing Docker images for vulnerabilities at the operating system level. In this article, we will explore another attack pattern related to [...] Read more

Trusted Insider, Unseen Adversary

- Posted in Other by
Background: One of the best examples to understand insider threats or similar risks is to look at the case of DPRK (North Korean) IT workers. This is becoming one of the most widespread risks related [...] Read more

Hardcoded Hazards: Detecting Secret Leaks in Source Code

- Posted in Other by
Background: Organizations often invest significant resources in research and development (R&D), which can carry substantial risks—especially when sensitive information is inadvertently exposed [...] Read more

Achieving Persistence for Harmful Code on Specific Devices

- Posted in Other by
Background: Some modern devices hold significant importance to attackers in the current threat landscape, especially mobile devices. The techniques used vary depending on the operating system [...] Read more

Exfiltrating Data via Images and Why trained Models Aren’t Ready for Malware Core Integration

- Posted in Other by
Background: Today’s cybersecurity landscape is full of different malware families, and one notable type is infostealers. Infostealers operate by executing a payload on the victim’s machine, [...] Read more

Acquiring Memory in Digital Forensics: Vendor Tools vs. Custom Solutions

- Posted in Other by
Background: Before analyzing volatility memory, there is a crucial preparatory stage: defining the tool scope for memory acquisition. In this phase, there are two primary approaches—either [...] Read more

The Evolution of Malware Infection Chains: Analysis of Multiplication and Complexity Over the Years

- Posted in Other by
Background: In a perfect scenario, before malware is executed on a victim's machine, it must go through several stages and specialists. First, a core malware function writer develops its primary [...] Read more

When APTs Knock on Your Wi-Fi: Real-World Lessons for Better Security

- Posted in Other by
Background: Recently, I came across a notification about a highly targeted attack against a U.S. company, where the attacker exploited a neighboring network to perform lateral movement into the [...] Read more