Cybersecurity is one of the most important issues facing businesses today. With the rise of data breaches and other cyber attacks, it is more important than ever to protect your business from these threats. One way to do this is by implementing a security operation center (SOC). A SOC isContinue Reading
In its simplest definition, threat hunting is a process to identify whether adversaries reached to the organization’s network or not. Despite many precautions taken at the perimeter level and many technologies used, breaches cannot be prevented. As a result of this situation, technologies to detect whether an attacker is insideContinue Reading
A threat actor calling herself as ‘0xFF’ advertised a new RAT in HackForums. According to the threat actor, this new RAT tool is supporting Windows (amd64, i386, arm, arm64), Linux (amd64, i386, arm, arm64), Darwin (MacOS) (amd64(Intel), arm64(m1)) and Android (bin) (amd64, i386, arm, arm64). This Multi-OS RAT has featuresContinue Reading
While creating a virtual environment, basically $ virtualenv venv comment may not work because of the python version installed on the machine. It can cause the error below; The best way is to run the command and create a virtual environment in MacOS is to run the command below; $Continue Reading
As more and more companies are starting to use cloud because of ease of deployment and integration with business needs and due to its scalability, the pandemic and changing business models forced usage of it more. From IT perspective, cloud usage provides a lot of convenience. With using cloud, companiesContinue Reading
Symantec Threat Hunter Team published a post about evidence that an increasing number of ransomware attackers are using virtual machines (VMs) in order to run their ransomware payloads on compromised computers. The purpose of using VMs on ransomware attacks is thought to hide the malicious activities. It is stated thatContinue Reading
VMware Carbon Black has published an update to resolve critical authentication bypass vulnerability on Carbon Black App Control product. App Control is a solution to lock down critical systems and servers to prevent unwanted changes and ensure continuous compliance with regulatory mandates. This authentication bypass vulnerability was followed by CVE-2021-21998.Continue Reading
Although Threat Hunting is nothing new, it is a very hot topic lately. Even if you have perimeter and endpoint security devices and SIEM for collecting and correlating logs from them, it is not a good way to wait for incidents coming. Without Threat Hunting, dwell time is increasing moreContinue Reading
Kali Linux 2021.2 is released with some new tools called Kaboxer and Kali-Tweaks and some cosmetic changes. Kaboxer provides dockers to use applications that they cannot work in newly OSs anymore or need isolation. Kali-Tweaks is a tool that makes it easy for users to configure their OS. Users canContinue Reading
FireEye, one of the most important security companies announced that they had an agreement to sell FireEye products including FireEye name to Symphony Technology Group (STG) in an all-cash transaction for $1.2 billion. A few months ago, FireEye repositioned some products in Mandiant name. ISight Threat Intelligence and Verodin was positioned inContinue Reading