SecureDetection is SecureBug’s open culture community that allows you to evaluate your offensive and defensive skills in addition to letting you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
Windows Task Scheduler is a tool that allows you to create and run virtually any task automatically. Typically, the system and certain apps use the scheduler to automate maintenance tasks (disk cleanup, and updates), but anyone can use it. With this experience, you can start applications, run commands, and execute scripts at any particular day…
Researchers have revealed a new malware campaign that they dub the Hornet’s Nest. What makes this attack distinguished is the deployment of six different malware variants in one go. These include crypto-miners, info stealers, crypto-stealer, and a backdoor. Though the campaign doesn’t appear as sophisticated compared to say a zero-day, it does, however, deploy six…
Let us take a look at computer forensic investigation tools. There are many tools of the Trade, in computer forensics. Some of which are software-based and some are hardware-based. Many of the computer forensic investigation tools exist in the form of a suite. Computer forensic investigation tools have a comprehensive set of features that…
Cybersecurity metrics and key performance indicators (KPIs) can help us to get survived in the information age. We live in a world in that a large amount of data and information get published every day. These data and information are surprisingly big and noisy for those who work in the IT field. For instance, we…
What are Threat Hunting and the use of threat hunting tools? Getting to know threat hunting tools get more important when we recognize that cybercrime groups are now building hard-to-detect tools and deploying techniques making it quite difficult for organizations to tell if they are being intruded. Passive methods of detecting signs of intrusion are…
Hackers use the Spraykatz tool to harvest credentials when they are conducting lateral movements. Lateral movement is when a cyber-attacker moves from one system or network to another to remain undetected, gain access to sensitive and high-value data, or gain escalated privileges. To do so, they require tools to access credentials. Spraykatz is a tool…
To apply this detection rule, you can convert it to your SIEM language. It is also recommended to update BIG-IP to the latest version. More information available here. You can also detect CMSTP.exe with INF files infected with malicious commands with our previous free Splunk detection rule. Secure Your Organization’s Mind with Securemind.se
An adversary may attempt to block indicators or events typically captured by sensors from being gathered and analyzed. This could include maliciously redirecting or even disabling host-based sensors, such as Event Tracing for Windows (ETW), by tampering settings that control the collection and flow of event telemetry. These settings may be stored on the system in configuration files…
An increasing number of cybersecurity threats are compromising organizations; in 2019, over 15.1 billion records were exposed. As the gravity and the number of these threats are increasing, a more proactive approach is required to repel attacks and cyber threats: Threat Hunting. Despite being a relatively new approach, threat hunting is rapidly becoming a key factor in…
Adversaries may implement hidden windows to conceal malicious activity from the plain sight of users. In some cases, windows that would typically be displayed when an application carries out an operation can be hidden. This may be utilized by system administrators to avoid disrupting user work environments when carrying out administrative tasks. Adversaries may abuse…