The Attack That Can Fool Anyone. Don’t Ignore Social Engineering
Paula Januszkiewicz demonstrates a social engineering attack in which Evilginx is deployed to phish Microsoft Teams login credentials.
How to Bury Risk in the Sand? Configure Windows Sandbox for malware analysis
Windows Sandbox can protect your PC from malicious executables. Here’s how to install and configure it correctly, explained by a security expert.
Back to Basics: Conditional Access in Azure Active Directory
In this beginner’s guide to conditional access in Azure Active Directory, Paula J shows how to regulate access by user, format and device type.
Back to Basics: Using PIM in Azure Active Directory Security
Paula J shows how to use Privileged Identity Management (PIM) in Azure Active Directory security to enforce just-in-time access and manage who has what roles.
Hacks Weekly #47 Memory Dump
A memory dump is generally useful for investigating what’s running in our system memory. All the information that was running before the crash is stored in our memory. For example, if any kind of malicious code is running in the memory of a legitimate process, then you would be able […]
Hacks Weekly #48 Introduction to Stackwalking
Stackwalking is a very useful function that can be enabled in Event Tracing for Windows (ETW) and the Windows Performance Analyzer. ETW is implemented in the Windows operating system. It provides us with a fast and reliable set of event tracing features. When you enable stackwalking for a kernel event, the kernel captures […]
Hacks Weekly #49 Introduction to Boot Monitoring
By monitoring the boot process, one might detect a malware infection, as some malicious executables interfere with Windows system files accessed during boot-up, resulting in a slower system start. First of all, please make sure you have set up stack walking. If you have not done it yet, you can […]
Hacks Weekly #50 Network Traffic Analysis
Neutrino, one of the world’s most popular exploit kits, will be the base for our Hacks Weekly scenario. Its malicious code can be injected into legitimate resources – like websites – and compromise a computer through various vendor vulnerabilities. However, thanks to network traffic analysis (NTA), we are able to track Neutrino’s steps and find the root that […]
Hacks Weekly #51 Investigating Risky Events Azure AD
This time we’re going to talk about Azure AD Identity Protection and investigating risky events related to identities. We’re going to detect, analyze and decide what is happening with our users. First of all, let’s look at the Azure Portal. Let’s launch Portal.azure.com and go to Azure AD Identity Protection where we can see a […]
Hacks Weekly #52 Malware Analysis with AnyRun
During this scenario, we will work with EMOTET malware. You can watch our video version of this Hacks Weekly episode to see the whole process of infecting the endpoint with this malware. Our first step is searching for all processes that EMOTET malware can execute. In the bottom right corner of the AnyRun software, you […]