Detecting Malicious RDP Sessions in Volt Typhoon Cyber Attacks

The Volt Typhoon cyber attack is a sophisticated threat where adversaries exploit valid credentials to maintain stealthy access to IT and OT networks. One key tactic they employ is using…
When Firewalls Fail: Understanding and Mitigating Cyber Intrusions

https://youtu.be/4nsOpJamaO0?feature=shared Introduction: Firewalls are often seen as the frontline defense against cyber threats, but what happens when they become the target? In […]
Unpacking MITRE ATT&CK: Common Ports and Protocols [T1071, T0869, T0885]

A threat hunter’s guide to detecting malicious activity on common ports. Learn how attackers abuse protocols based on MITRE ATT&CK® T1071, T0869, & T0885 and build a context-driven defense.
Industrial Cybersecurity Terms Defined: OT-SCADA-RTU, Oh My!

Explore key industrial cybersecurity terms and better understand the acronym alphabet soup of OT, SCADA, PLC, HMI, RTU, and other terms.
WannaCry: Background and Detection of a Major SMB Based Ransomware Event

Revisit the 2017 WannaCry attack. Discover how the EternalBlue exploit fueled the global ransomware worm and learn timeless threat hunting lessons for detecting advanced threats in SMB network traffic.
Exploring and Detecting Historical Cybersecurity Incidents: Ukraine 2015

A deep dive into the landmark 2015 Ukraine power grid cyberattack. Explore how BlackEnergy malware was used in a multi-stage assault and learn actionable detection and defense strategies to protect critical infrastructure from today’s threats.
Volt Typhoon: Unpacking State Sponsored Living-Off-the-Land Attacks on Critical Infrastructure

This Tech Talk Tuesday episode by Dan Gunter from Insane Forensics examines the Volt Typhoon cyberattack.
How to Measure Cybersecurity Automation Maturity and Possibility

Is your security automation effective? Discover the Cybersecurity Automation Maturity Matrix, a framework inspired by self-driving cars to measure and improve your threat hunting and incident response capabilities.
Cybersecurity Training and Certifications: Free to Paid

https://youtu.be/i23hAiKurY8?si=vfpgEXZurcYzjxJ8 Charting Your Course in Cybersecurity: Training and Certifications from Free to Premium. Feeling a bit lost in the maze of cybersecurity […]
Living Off the Land: How to Hunt for and Respond to LOLBins Attacks in OT

Learn how to detect and respond to LOLBins attacks in OT environments. This guide examines the 2022 Sandworm attack, explains LOLBins techniques, and provides actionable threat detection methods.