/

What is it Really Like to Work in Cybersecurity?

I’ve enjoyed a fascinating and deeply fulfilling career in cybersecurity that has taken me all over the world, and now I want to share my experience of working in what I consider to be the most fun and exciting industry out there. That’s why I held a live event to answer questions on what it’s really like to work on digital defense’s frontline. If you’re curious about how to advance in the industry or have a friend or relative who wants to work in cybersecurity, these insights from me and from the CQURE team are for you.

Read more

/

Cached Credentials: Important Facts That You Cannot Miss

Why changing your cached credentials to 0 or 1 is… pointless? I will show you how cached logon data works, what is inside, how we’re able to overwrite it, and what kind of threat it exposes.

Read more

/

User Secrets: How to Get Them Back Using Password Recovery Tools

Cybersecurity professionals know that they could be called on at any time to recover a user secret. For example, if an employee’s profile is corrupted or user secrets have to be decrypted offline (e.g. during analysis of the forensic image of the operating system).

Find out about some tools capable of decrypting secrets protected using DPAPI and get an outline of how to use them.

Read more

by CQURE Experts

/

CQURE Hacks

Hacks Weekly #53 Hybrid Analysis

As with everything that you might find online, it is necessary to verify the information you have. The same goes for Cybersecurity-related information. To ensure the correctness of findings you should cross-check them with other tools/services available to you.

Read more

by CQURE Experts

/

Hacks Weekly #52 Malware Analysis with AnyRun

In this Hacks Weekly episode, we will focus on analyzing malware inside the AnyRun cloud software.

AnyRun is an interactive online malware analysis sandbox. You can detonate here any potential malware and analyze what it contains, what actions it performs, what files it modifies and for example, what HTTP request could be sent. AnyRun is a widely used analytic tool, as researchers can simulate and test potentially malicious files.

Read more

/

CQURE Hacks

Hacks Weekly #51 Investigating Risky Events Azure AD

Welcome to another episode of CQURE Hacks Weekly – Investigating Risky Events Azure AD. This time we’re going to discuss how Azure AD Identity Protection is used to detect, analyze and investigate risky events related to user identities. You’ll learn how to configure User and Sign-in risk policies in Azure Portal, and how to use conditional access to specify cloud apps, user groups, and security requirements.

We will also find out why is it important to use log data to detect risky sign-ins from locations not defined in conditional access or from the Tor network, and to protect against external threats that may attempt to gain unauthorized access to company accounts.

Read more

Load more