I’ve enjoyed a fascinating and deeply fulfilling career in cybersecurity that has taken me all over the world, and now I want to share my experience of working in what I consider to be the most fun and exciting industry out there. That’s why I held a live event to answer questions on what it’s really like to work on digital defense’s frontline. If you’re curious about how to advance in the industry or have a friend or relative who wants to work in cybersecurity, these insights from me and from the CQURE team are for you.
Why changing your cached credentials to 0 or 1 is… pointless? I will show you how cached logon data works, what is inside, how we're able to overwrite it, and what kind of threat it exposes.
Cybersecurity professionals know that they could be called on at any time to recover a user secret, for example if an employee's profile is corrupted or user secrets have to be decrypted offline (e.g. during analysis of a forensic image of the operating system).
Find out about some tools capable of decrypting secrets protected using DPAPI and get an outline of how to use them.
In this Hacks Weekly episode, we will focus on analyzing malware inside the AnyRun cloud software. AnyRun is an interactive online malware analysis sandbox. Here you can detonate any potential malware and analyze what it contains, what actions it performs, what files it modifies and, for example, what HTTP requests could be sent. AnyRun is a widely used analysis tool, as researchers can simulate and test potentially malicious files.
Welcome to another episode of CQURE Hacks Weekly. This time we will focus on network traffic analysis with a special scenario – Neutrino Exploit Kit. Network Traffic Analysis (NTA) is a comprehensive security process which enables intercepting and examining network activities in order to detect suspicious events and security issues. Analyzing what, when, and where data is flowing across different parts of the network is crucial for IT Pros, as they should be able to identify irregular operations and react.
Capturing and analyzing system boot and resume performance data is very useful while troubleshooting slow boot times. In general, changes in the booting process may indicate that the system has been compromised. Boot monitoring can detect, or support our deduction of, the presence of malware, as we can review suspicious activities. It may also help with the performance of the system by identifying bottlenecks in the process. Let’s start with our Introduction to Boot Monitoring.