In the world of cybersecurity, one of the most recent and emerging threats lies in the abuse of legitimate components of an operating system by threat actors. These components, known as Living Off the Land Binaries, Scripts, and Libraries (LOLBins or LOLBAS), have the potential to be manipulated and used in a way that facilitates […]
Free, paid, and open source anti-virus (AV) and anti-malware (AM) software are tools that are used to protect computers and networks from viruses, malware, and other types of malicious software. These tools are designed to scan for and detect malicious software, and to take action to remove or quarantine it. Some popular free and open […]
Threat hunting is the proactive process of searching for and identifying potential security threats within an organization’s network. Threat hunting involves using a variety of tools and techniques to identify indicators of compromise (IOCs) and other signs of malicious activity within an organization’s systems and data. This can include analyzing log files, monitoring network traffic, […]
Monitoring and logging in cybersecurity refers to the process of continuously monitoring and collecting data about network activity and security events, and storing this data in a centralized location for later analysis. Monitoring and logging can be used to identify potential security threats, track the progress of a security incident, or to troubleshoot problems on […]
Security Information & Event Management (SIEM) is a security technology that is used to collect, analyze, and report on security-related data and events. SIEM systems are designed to monitor network activity and identify potential security threats, such as malware infections, unauthorized access attempts, or network anomalies. SIEM systems typically collect data from a variety of […]