Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-04-11 20:27:32 |
A Detailed Guide on AMSI Bypass (direct link) |
Introduction: Windows developed the Antimalware Scan Interface (AMSI) standard that allows a developer to integrate malware defense in his application. AMSI allows an application to
|
Malware
|
|
|
|
2021-05-05 19:11:28 |
Wireshark for Pentester: Decrypting RDP Traffic (direct link) |
Over the last few years, attackers have used the Remote Desktop Protocol (RDP) to access unsecured servers and company networks. Since 2017, RDP has become a major vector in ransomware attacks. Security professionals have focused their attention increasingly on this protocol by writing signatures to detect and prevent attacks of
|
Ransomware
Malware
|
|
|
|
2020-11-18 12:14:27 |
AlienVault: Threat Hunting/Network Analysis (direct link) |
What is threat hunting? The process of threat hunting involves proactively searching for malware or attackers that are hiding within a network. Rather than simply relying on security solutions or services to detect threats, threat hunting is a predictive element to a layered security strategy, empowering organizations to go on the offensive looking for threats....
|
Malware
Threat
|
|
|
|
2020-08-19 21:04:06 |
Threat Intelligence: MISP Lab Setup (direct link) |
MISP is an open-source threat intelligence and sharing platform (formerly known as Malware Information Sharing Platform) that is used for collecting, storing, distributing and sharing cybersecurity indicators and threats about cybersecurity incidents & malware analysis. MISP provides facilities to support the exchange of information but also the consumption of information by network intrusion detection systems...
|
Malware
Threat
|
|
|
|
2020-04-25 16:03:31 |
Domain Controller Backdoor: Skeleton Key (direct link) |
While many people were fighting the good fight for Net Neutrality, talented people over at the Dell SecureWorks Counter Threat Unit (CTU) discovered a malware that can bypass the authentication on Active Directory systems around the world. This poses a threat to all those systems that have implemented single-factor authentication. Multiple Factor Authentication...
|
Malware
Threat
|
|
|