Tag: SoC
-
Developing and prioritizing a detection engineering backlog based on MITRE ATT&CK
How a SOC can efficiently manage priorities when writing detection logic for various MITRE ATT&CK techniques and what tools can …
-
Trusted relationship attacks: trust, but verify
We analyze the tactics and techniques of attackers targeting organizations through trusted relationships – that is, through contractors …
-
ShrinkLocker: Turning BitLocker into ransomware
The Kaspersky GERT has detected a new group that has been abusing Microsoft Windows features by modifying the system to lower the defenses …
-
A journey into forgotten Null Session and MS-RPC interfaces
This is the first part of the research, devoted to null session vulnerability, unauthorized MS-RPC interface and domain user …
-
Incident response analyst report 2023
The report shares statistics and observations from incident response practice in 2023, analyzes trends and gives cybersecurity …
-
SlashNext unveils AI service to tackle increasing spam and ‘graymail’
Phishing protection company SlashNext Inc. today announced the launch of an artificial intelligence-powered spam and “graymail” …
-
Managed Detection and Response in 2023
The report covers the tactics, techniques and tools most commonly deployed by threat actors, the nature of incidents detected and their …
-
A patched Windows attack surface is still exploitable
In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft …
-
What to do if your company was mentioned on Darknet?
We created a list of companies worldwide from different industries and searched through Darknet trying to find out how likely these …
-
From Caribbean shores to your devices: analyzing Cuba ransomware
The article analyzes the malicious tactics, techniques and procedures (TTP) used by the operator of the Cuba ransomware, and details a Cuba …
-
Understanding Malware-as-a-Service
What Malware-as-a-Service includes, on what terms cybercriminals offer it, and what malware they most often distribute under this …
-
Thinking straight in the SoC: How AI erases cognitive bias
What do bears and cyber criminals have in common? Both of them are scary, and they both have the same effect on security …