Category: SOC

Enterprise Cybersecurity challenges in 2023

In 2022, a lot of new variants of ransomware and groups (Ransomware as a Service) have targeted several major organizations and enterprises. New techniques (new features introduced by the notorious “LockBit” group, and a newcomer, “Play” that employs self-propagation techniques) and groups emerged as targeted ransomware attacks double in 2022. Today’s organizations, no matter their …

Continue reading

Advertisement

The core function of a SOC

The core function of a SOC (Security Operations Center) is to investigate, monitor, prevent, and respond to threats. SOC teams benefit from using a single platform with integrated yet disparate technologies for a full-picture view that is continually updated with emerging threat intelligence. This unified perspective simplifies security monitoring, supports incident response workflows, and provides …

Continue reading

Advertisement

Play ransomware infection routine

A ransomware gang named “Play” was discovered on the Dark Web. Along with them, a list of 22 victims has been revealed. There is a piece of evidence that points to a possible connection between Play ransomware and Quantum ransomware, which is an offshoot of the notorious Conti ransomware group. The Cobalt Strike beacons that …

Continue reading

Advertisement

Identify a piece of malware with Yara

Yara rules classify and identify malware samples by creating descriptions of malware families (it is a tool used to identify files, based on textual or binary pattern). YARA rules are like a piece of programming language, they work by defining a number of variables that contain patterns found in a sample of malware. If some …

Continue reading

OpenSSL patch (v3.0.7) for Vulnerability 2022

The OpenSSL patch (v3.0.7) is now released (OpenSSL patch v3.0.7 for Vulnerability 2022), and you still have time to assess what are the potentially vulnerable products in your environment. Here’s the link to download the fix. OpenSSL security update is out, with fixes for CVE-2022-3786 and CVE-2022-3602. Vulnerabilities were also downgraded from Critical to High …

Continue reading

error

Enjoy this blog? Please spread the word :)