SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.

Threat HDetect CMSTP.exe with Malicious INF Files via Free Splunk Detection Rule

Detect CMSTP.exe with INF Files Infected with Malicious Commands with Free Splunk Detection Rule

The Microsoft Connection Manager Profile Installer (CMSTP.exe) is a command-line program used to install Connection Manager service profiles. CMSTP.exe accepts an installation information file (INF) as a parameter and installs a service profile leveraged for remote access connections. ID: T1191 Tactic: Defense Evasion, Execution Platform: Windows Permissions Required: User Data Sources: Process monitoring, Process command-line…

Week in Cyber News: TikTok Sued, Adobe Patches Flaws, Anubis & Zeus Sphinx Malware New Malicious Features, RATicate Hacking Group

Popular services, programs, and organizations have always been a target of cyber-attacks to exploit the vulnerabilities in the service, steal users’ information, steal sensitive corporate information, or compromise the infrastructure. We have gathered the major cyber news over the past week in one post. TikTok fails to fulfill Children’s Privacy agreement The popular video-sharing app…

hunting BITS threat hunting

Introduction to Hunting Microsoft BITS

Microsoft BITS Microsoft Background Intelligent Transfer Service is a tool present in all modern Microsoft Windows operating systems. Microsoft BITS is used by programmers and system administrators to download files from or upload files to HTTP web servers and SMB file shares. BITS will consider the cost of the transfer, as well as the network…