F5 BIG-IP critical vulnerability

Detect F5 BIG-IP Critical Vulnerability Exploitation Attempt with Free Sigma Detection Rule

To apply this detection rule, you can convert it to your SIEM language. It is also recommended to update BIG-IP to the latest version. More information is available here. You can also detect CMSTP.exe with INF files infected with malicious commands with our previous free Splunk detection rule. Secure Your Organization’s Mind with Securemind.se

block indicators

Detect Indicator Blocking with These Free Splunk Detection Rules

An adversary may attempt to block indicators or events typically captured by sensors from being gathered and analyzed. This could include maliciously redirecting or even disabling host-based sensors, such as Event Tracing for Windows (ETW), by tampering with settings that control the collection and flow of event telemetry. These settings may be stored on the system in configuration files…

Offensive cybersecurity threat hunting

From defensive to offensive cybersecurity: organizations’ most essential security measures

Cybersecurity has become one of the fundamental components of any organization in the last two decades. The world has evolved, leading to advances in technology and, alongside them, threats. Organizations need to invest more in building a strong, functional cybersecurity infrastructure to protect their facilities and assets from internal and external threats. Before,…

proactive cybersecurity vs reactive threat hunting

Proactive vs. reactive: why you need to take a proactive approach to cybersecurity

As the world has developed, organizations have started to connect more of their processes to cyberspace. A company’s reputation, intellectual property (IP), staff, and customers are at risk of being compromised. To properly protect their assets, enterprise businesses need a solid cybersecurity strategy in place. New threats are emerging regularly; estimations show 300,000 new…