sanjiThreat Actor TTPs — Flashcards Flashcard Set 1: Nation-State Threat Actors Q: What are the primary TTPs of APT29 (Cozy Bear, Russia)? A: Attack Chain Example: Q: What techniques does…
sanjiTop Threat Actors TTPs1. Nation-State Threat Actors These groups are often state-sponsored and target governments, infrastructure, and large enterprises. 2. Cybercriminal Groups These actors are financially motivated, targeting organizations and…
sanjiCrowdstrike and Windows defender for the NonEuclid RAT The NonEuclid Remote Access Trojan (RAT) is a sophisticated malware developed in C# that offers unauthorized remote access to compromised Windows systems.…
sanjiEnhancement in firewall security and prevent malicious IPs. To enhance firewall security and prevent malicious IPs from gaining access, several advanced improvements can be made. These advancements leverage AI, automation,…
sanjiMalware Analysis Methods Malware analysis involves examining suspicious files or programs to understand their behavior, impact, and mitigation strategies. The key methods include: 1. Static Analysis 2. Dynamic Analysis 3.…
sanjiWindows lateral movement by using RPC Lateral movement using Remote Procedure Call (RPC) is a common technique attackers use to pivot across Windows systems in a network. RPC allows processes…
sanjiTCP handshake and TLS handshake Attackers often abuse legitimate communication protocols like the TCP handshake and TLS handshake to establish secure connections for malicious activities. Here’s how they use these…
sanjiThe Rise of AI in Cyber Security: Benefits and Risks Introduction As cyber threats become more sophisticated, organizations are increasingly turning to artificial intelligence (AI) to bolster their cyber security…
sanjiChallenges in SOC Challenges in a Security Operations Center (SOC) can be grouped into several categories, as they stem from operational, technical, organizational, and resource-related issues. Here are the key…
