Threat hunting converting SIGMA to YARA

Malware threat hunting is the process of proactively searching for malicious activity. It is a critical part of any organization’s security posture, as it can help to identify and mitigate threats that may have otherwise gone undetected.

Incident Response: Bring Out the Body File

An Incident Response (IR) examiner faced with a case or asked whether something ‘funny’ or ‘bad’ happened on a host will wonder if a comprehensive file listing is attainable for the system in question. Sometimes this comes in the form of a question, such as “How long has that malware been there,” or “Was the…

The post Incident Response: Bring Out the Body File appeared first on TrustedSec.

Threat actors can exfiltrate data from Google Drive without leaving a trace

Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga researchers say. A problem for digital forensic analysts and incident responders…

Despite Tech Layoffs, Cybersecurity Positions are Hiring

It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals […]

The post Despite Tech Layoffs, Cybersecurity Positions are Hiring appeared first on Security Intelligence.

How I Got Started: White Hat Hacker

White hat hackers serve as a crucial line of cyber defense, working to identify and mitigate potential threats before malicious actors can exploit them. These ethical hackers harness their skills to assess the security of networks and systems, ultimately helping organizations bolster their digital defenses. But what drives someone to pursue a career as a […]

The post How I Got Started: White Hat Hacker appeared first on Security Intelligence.

Is human threat hunting a fool’s errand?

We all have witnessed automated advances creep into our modern threat hunting processes – and with good reason. As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by provi…

The warning signs for security analyst burnout and ways to prevent

Security analysts face the demanding task of investigating and resolving increasing volumes of alerts daily, while adapting to an ever-changing threat landscape and keeping up with new technology. To complicate matters further, the cybersecurity workfo…

Incident Response Rapid Triage: A DFIR Warrior’s Guide (Part 3 – Network Analysis and Tooling)

Within the first two installments of this series, we identified the key to successful incident preparation starts with making sure a solid incident triage process is in place, centralized analysis documentation is created, and the incident communication cadence has been solidified. This, in conjunction with a well-oiled rapid triage Windows artifact processing plan, allows analysts…

The post Incident Response Rapid Triage: A DFIR Warrior’s Guide (Part 3 – Network Analysis and Tooling) appeared first on TrustedSec.

Incident Response Rapid Triage: A DFIR Warrior’s Guide (Part 2 – Incident Assessment and Windows Artifact Processing)

In Part 1 of this series, we identified that there are three (3) key parts to successful incident preparation: ensuring that a solid incident triage process is in place, creating centralized analysis documentation, and solidifying incident communication. In Part 2 of this series, I will delve into the process of thoroughly evaluating the incident, explore…

The post Incident Response Rapid Triage: A DFIR Warrior’s Guide (Part 2 – Incident Assessment and Windows Artifact Processing) appeared first on TrustedSec.

Incident Response Rapid Triage: A DFIR Warrior’s Guide (Part 1 – Process Overview and Preparation)

In this series, I will be discussing how to handle an incident with the speed and precision of a DFIR warrior. With a rapid triage mindset, you’ll be able to assess the situation quickly and efficiently, just like a Jiu-Jitsu practitioner sizing up their opponent before delivering a devastating submission. You will have the tools…

The post Incident Response Rapid Triage: A DFIR Warrior’s Guide (Part 1 – Process Overview and Preparation) appeared first on TrustedSec.