The core function of a SOC (Security Operations Center) is to investigate, monitor, prevent, and respond to threats. SOC teams benefit from using a single platform with integrated yet disparate technologies for a full-picture view that is continually updated with emerging threat intelligence. This unified perspective simplifies security monitoring, supports incident response workflows, and provides …
Tag: Blue Team
Nov 27
Play ransomware infection routine
A ransomware gang named “Play” was discovered on the Dark Web. Along with them, a list of 22 victims has been revealed. There is a piece of evidence that points to a possible connection between Play ransomware and Quantum ransomware, which is an offshoot of the notorious Conti ransomware group. The Cobalt Strike beacons that …
Nov 24
Identify a piece of malware with Yara
Yara rules classify and identify malware samples by creating descriptions of malware families (it is a tool used to identify files, based on textual or binary pattern). YARA rules are like a piece of programming language, they work by defining a number of variables that contain patterns found in a sample of malware. If some …
- 1
- 2