Building a Hacking Lab on a Budget: From Free to $XXX,XXX

Learn how to build a budget-friendly hacking lab at home or in an office using virtualization, single-server setups, or enterprise-grade multi-server environments. Explore cost-effective hardware, software, cloud options, and licensing tips to create the perfect cybersecurity research lab.
Going from Nation State Malware Sample to MITRE ATT&CK Techniques in Under 5 Minutes

Learn how to analyze nation-state malware like BlackEnergy using Hybrid Analysis. Discover key attack techniques, MITRE ATT&CK mapping, and best practices for cybersecurity threat hunting.
Hunting for APT28/Hafnium NTDS.dit Domain Controller Credential Harvesting [MITRE ATT&CK T1003.003]

Learn how attackers harvest credentials from Windows domain controllers using NTDS.dit extraction techniques, including NTDSutil.exe, Volume Shadow Copy, and Impacket. Discover detection methods and security best practices to protect Active Directory environments from credential theft.
Using MITRE ATT&CK for Enterprise and ATT&CK for ICS in Industrial Environments

MITRE’s ATT&CK for Enterprise matrix and ATT&CK for ICS matrix provide two valuable reference models for network security. In this edition of #TechTalkTuesday, we will be joined by Ron Fabela from SynSaber to explore why you should be using both models to secure industrial systems and networks.
Threat Hunting for No-Key-Theft-Required Attacks in Trusted Binaries [MITRE ATT&CK T1553.002]

Digitally signed executables provide one layer of trust to prevent attacks that leverage unauthorized or unexpected code.
Put Down Your Dukes: Hunting For Hacking Group APT 29/APT 37/APT 40’s Covert Data Exfiltration

This article explores how these groups use steganography to conceal and transmit stolen data.
Going From Threat Intel to Threat Hunt: Threat Hunting for Nation State Actors

Learn how to build an effective threat-hunting strategy against nation-state actors using threat intelligence. This guide breaks down attack patterns, key observables, and defensive techniques to enhance cybersecurity defenses.
Adventures in Using ELK to Keep the Lights On ElasticON 2021

Video: https://youtu.be/ZuYBcgVmbZc. Keep Your Digital Lights On: A Real-World Guide to the ELK Stack. Let’s face it, in today’s […]
Consider the (Data) Source: A Journey Through an Industrial Attack

Video: https://youtu.be/a-6w4qxYaUg. A Cybersecurity Deep Dive: Insights from DEF CON 29’s Industrial Attack Analysis. The cybersecurity landscape is constantly evolving, and […]
Hacking an Industrial Control System

Ever wondered how a cyberattack on an industrial facility actually unfolds? At a recent Hack the Capital event, cybersecurity experts Donovan Norman, known for his work with ICS Village and GRIMM, and Dan Gunter from Insane Cyber, pulled back the curtain.