A Cyber Security Operations Centre, or CSOC, is increasingly recognized as an essential part of a defence-in-depth approach to cybersecurity, in which multiple layers of security controls permeate the IT landscape, providing diverse measures that;
Abusing macros to get code execution from a Word document
Phishing is a very popular way to gain initial access during a red team exercise. A convincing scenario must be found to entice the targets to download and run the malicious file on their laptop. A Word document with a macro that launches the malware is a good way to build a legitimate-looking scenario and gain the target's confidence. However, the macro has to be prepared in advance so that it evades the defensive measures in place. In what follows, we target an up-to-date Windows 10 installation with all default settings, and look at what is needed for our macro to be accepted as legitimate.
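The defender's side of the same scenario is deciding quickly whether a received Word file can carry a macro at all. The following triage script is an added example, not code from the article: it opens an OOXML (.docx/.docm) package, reads the declared content type of the main document part and checks for the `word/vbaProject.bin` part that holds the VBA project, so the verdict does not depend on the file extension. The sample documents it builds are constructed in-memory stand-ins with the package layout Word writes, not real documents, and the `risk_level` wording is this example's own.

```python
import io
import xml.etree.ElementTree as ET
import zipfile

# OPC content-types namespace and the part that carries the VBA project in a .docm
CT_NS = "{http://schemas.openxmlformats.org/package/2006/content-types}"
VBA_PROJECT_PART = "word/vbaProject.bin"
MAIN_PART = "/word/document.xml"
# Content types Word declares for the main part; the extension on disk is irrelevant
DOCX_MAIN_CT = "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"
DOCM_MAIN_CT = "application/vnd.ms-word.document.macroEnabled.main+xml"


def inspect_word_document(blob: bytes) -> dict:
    """Collect the facts about a Word file that matter for macro triage."""
    facts = {"is_ooxml_zip": False, "main_content_type": None,
             "macro_enabled": False, "has_vba_project": False}
    if not blob.startswith(b"PK\x03\x04"):
        # Legacy binary .doc (OLE2), RTF, MHTML etc. need a format-specific parser.
        return facts
    with zipfile.ZipFile(io.BytesIO(blob)) as z:
        names = set(z.namelist())
        facts["is_ooxml_zip"] = True
        facts["has_vba_project"] = VBA_PROJECT_PART in names
        if "[Content_Types].xml" in names:
            # stdlib ElementTree; for hostile input at scale prefer defusedxml
            root = ET.fromstring(z.read("[Content_Types].xml"))
            for override in root.iter(CT_NS + "Override"):
                if override.get("PartName") == MAIN_PART:
                    ct = override.get("ContentType", "")
                    facts["main_content_type"] = ct
                    facts["macro_enabled"] = "macroEnabled" in ct
    return facts


def risk_level(facts: dict) -> str:
    """Verdict wording chosen for this example."""
    if facts["has_vba_project"]:
        return "high: document carries a VBA project, extract and review its code"
    if facts["macro_enabled"]:
        return "medium: macro-enabled content type but no VBA project part"
    if facts["is_ooxml_zip"]:
        return "low: plain OOXML document without macro"
    return "unknown: not an OOXML package, inspect with a format-specific tool"


def make_sample(macro: bool) -> bytes:
    """Constructed minimal OOXML package in the shape Word writes (not a real document)."""
    main_ct = DOCM_MAIN_CT if macro else DOCX_MAIN_CT
    vba_override = ('<Override PartName="/word/vbaProject.bin" '
                    'ContentType="application/vnd.ms-office.vbaProject"/>' if macro else "")
    content_types = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
        '<Default Extension="xml" ContentType="application/xml"/>'
        f'<Override PartName="{MAIN_PART}" ContentType="{main_ct}"/>'
        f'{vba_override}</Types>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", content_types)
        z.writestr("word/document.xml", "<w:document/>")
        if macro:
            # OLE2 magic followed by placeholder bytes; a real vbaProject.bin is a compound file
            z.writestr(VBA_PROJECT_PART, b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 24)
    return buf.getvalue()


if __name__ == "__main__":
    for flag in (True, False):
        facts = inspect_word_document(make_sample(flag))
        print(facts["main_content_type"], "->", risk_level(facts))
```

The script only answers "can this file carry a macro". The VBA source inside `vbaProject.bin` is stored compressed (MS-OVBA), so reading the actual code is a job for a dedicated extractor such as oletools' `olevba`, and legacy `.doc` files need OLE2 parsing that this example deliberately leaves out.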
SIEM vs SOC vs CFC: What is the difference?
In today’s article, we discuss SIEM, SOC and CFC.
Cyber threats have grown significantly over the last decade, from simple malware to complex advanced persistent threat (APT) groups. Threat actors have progressed as well: they constantly improve their methods and techniques to breach security controls, causing massive damage and disruption.
The importance of Privileged Access Management (PAM) in a 2-min read
Businesses are now more vulnerable to cyber-attacks than ever. This is why we focus on prevention, and on how to stay ahead of attackers with a Privileged Access Management (PAM) solution.
What is Certificate Transparency and how important is it?
Certificate Transparency is the public logging of Transport Layer Security (TLS) certificates. This open framework is defined in the experimental RFC 6962 (Request For Comments)[1]https://datatracker.ietf.org/doc/html/rfc6962, which has since been superseded by RFC 9162 (Certificate Transparency version 2.0).
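What a log hands back, and what ends up in a certificate, is a Signed Certificate Timestamp (SCT). The parser below is an added example, not code from the article or from any CT implementation: it decodes the RFC 6962 `SignedCertificateTimestampList` structure as carried in the X.509 extension 1.3.6.1.4.1.11129.2.4.2 (outer 2-byte length, then length-prefixed SCTs, each with version, 32-byte log ID, millisecond timestamp, extensions and a TLS `digitally-signed` block). The sample list it parses is constructed here: the log IDs are SHA-256 digests of made-up strings and the signature bytes are placeholders, so they are not verifiable.

```python
import hashlib
import struct
from dataclasses import dataclass
from datetime import datetime, timezone

# X.509 extension OID that carries the SCT list inside a certificate (RFC 6962, section 3.3)
SCT_LIST_OID = "1.3.6.1.4.1.11129.2.4.2"
# SignatureAndHashAlgorithm code points (RFC 5246) that RFC 6962 allows
HASH_ALGORITHMS = {4: "sha256"}
SIGNATURE_ALGORITHMS = {1: "rsa", 3: "ecdsa"}


@dataclass
class SCT:
    version: int          # 0 == v1, the only version RFC 6962 defines
    log_id: bytes         # SHA-256 of the log's DER-encoded public key
    timestamp_ms: int     # milliseconds since the Unix epoch
    extensions: bytes
    hash_alg: int
    sig_alg: int
    signature: bytes

    @property
    def timestamp(self) -> datetime:
        return datetime.fromtimestamp(self.timestamp_ms / 1000, tz=timezone.utc)


def _opaque16(buf: bytes, pos: int) -> tuple[bytes, int]:
    """Read a TLS vector with a 2-byte big-endian length; return (body, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from("!H", buf, pos)
    pos += 2
    if pos + n > len(buf):
        raise ValueError("truncated vector")
    return buf[pos:pos + n], pos + n


def parse_sct(raw: bytes) -> SCT:
    """Parse one serialized SignedCertificateTimestamp (RFC 6962, section 3.2)."""
    if len(raw) < 1 + 32 + 8 + 2:
        raise ValueError("SCT too short")
    version = raw[0]
    if version != 0:
        raise ValueError(f"unsupported SCT version {version}")
    log_id = raw[1:33]
    (timestamp_ms,) = struct.unpack_from("!Q", raw, 33)
    extensions, pos = _opaque16(raw, 41)
    if pos + 2 > len(raw):
        raise ValueError("missing SignatureAndHashAlgorithm")
    hash_alg, sig_alg = raw[pos], raw[pos + 1]
    if hash_alg not in HASH_ALGORITHMS or sig_alg not in SIGNATURE_ALGORITHMS:
        raise ValueError(f"unexpected algorithm pair ({hash_alg}, {sig_alg})")
    signature, pos = _opaque16(raw, pos + 2)
    if pos != len(raw):
        raise ValueError("trailing bytes after SCT")
    return SCT(version, log_id, timestamp_ms, extensions, hash_alg, sig_alg, signature)


def parse_sct_list(raw: bytes) -> list[SCT]:
    """Parse a SignedCertificateTimestampList: outer length, then length-prefixed SCTs."""
    body, pos = _opaque16(raw, 0)
    if pos != len(raw):
        raise ValueError("trailing bytes after SCT list")
    scts, p = [], 0
    while p < len(body):
        entry, p = _opaque16(body, p)
        scts.append(parse_sct(entry))
    if not scts:
        raise ValueError("empty SCT list")
    return scts


def is_well_formed(raw: bytes) -> bool:
    try:
        parse_sct_list(raw)
        return True
    except ValueError:
        return False


def build_sct(log_id: bytes, timestamp_ms: int, signature: bytes, extensions: bytes = b"") -> bytes:
    """Serialize a v1 SCT with sha256/ecdsa; used here only to construct sample data."""
    return (bytes([0]) + log_id + struct.pack("!Q", timestamp_ms)
            + struct.pack("!H", len(extensions)) + extensions
            + bytes([4, 3])
            + struct.pack("!H", len(signature)) + signature)


def sample_sct_list() -> bytes:
    """Constructed sample: two SCTs from hypothetical logs with placeholder signatures."""
    fake_sig = bytes.fromhex("3006020101020102")   # DER shape of an ECDSA-Sig-Value, not a real signature
    scts = [
        build_sct(hashlib.sha256(b"constructed log A").digest(), 1_600_000_000_000, fake_sig),
        build_sct(hashlib.sha256(b"constructed log B").digest(), 1_600_000_005_000, fake_sig),
    ]
    body = b"".join(struct.pack("!H", len(s)) + s for s in scts)
    return struct.pack("!H", len(body)) + body


if __name__ == "__main__":
    for sct in parse_sct_list(sample_sct_list()):
        print(sct.log_id.hex(), sct.timestamp.isoformat(),
              HASH_ALGORITHMS[sct.hash_alg], SIGNATURE_ALGORITHMS[sct.sig_alg])
```

Parsing is the easy half. To trust an SCT, the log ID has to match the SHA-256 of a public key in the log list you trust, and the signature has to verify over the reconstructed signed data (version, timestamp, the certificate or precertificate and the extensions) with that key; a timestamp in the future or from a log you do not recognize is a reason to reject, not a cosmetic detail.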
Armacell: Speeding Up Incident Response and Recovery with Azure Sentinel
Armacell is a global manufacturing company providing flexible insulation foams for the equipment insulation market. As a growing company relying increasingly on the cloud, they need to fortify their defences against security threats. As part of that initiative, they needed a partner that could manage threat identification and incident response with them, and that is where Excellium came in. Building the solution on Azure Sentinel, Excellium will help Armacell with a cost-effective approach to event collection and collation, threat detection, incident investigation, and rapid response. Read on for the details.
Continuous deployment: applying security for web application development
The rise of Continuous Deployment
With the rise of Continuous Deployment[1]https://www.atlassian.com/continuous-delivery/continuous-deployment, the frequency at which web applications (websites, APIs, etc.) are deployed has increased significantly. Nowadays it is common to see companies deploying a new version of a web application several times a week or month[2]https://cloud.google.com/blog/products/devops-sre/another-way-to-gauge-your-devops-performance-according-to-dora.
Risks linked to external dependencies
Nowadays, most software is built on external components created and maintained by other parties. Such components are also called "third-party" components; a library is a typical example. The objective is usually to delegate specific operations to dedicated components, which eases maintenance of the main application and lets developers focus on the code that provides the business features. The operations delegated to a component include, for example, processing a specific file format, logging, or handling business data formats (e.g., SWIFT messages).
The art of hiding secrets in plain sight with base64 padding steganography
The technique of hiding information in public data is called steganography. Base64 encodes every 3 bytes as 4 characters; when the input length is not a multiple of 3, the last character carries 2 or 4 bits that the encoder fills with zeros (and the output is completed with "=" characters). It is possible to hide information in these bits, since a decoder disregards them. Because one Base64-encoded string can only carry 4, 2 or 0 bits of secret, hiding larger amounts requires spreading the secret across multiple encoded strings. This article explains the technique, provides Python code for hiding and retrieving the information, and shows performance data for the method.
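The mechanism in working form, as an added example that is not the article's own code: each cover string is Base64-encoded normally, the zero-filled low bits of the last data character are overwritten with secret bits, and a standard decoder still returns the original cover bytes because it drops those bits. The length-prefix framing (one byte, so secrets up to 255 bytes) and the `session-NN` cover tokens are this example's own choices; the tokens are constructed so that each is 10 bytes long and therefore carries 4 bits.

```python
import base64

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def padding_bits(data: bytes) -> int:
    """Zero-filled bits in the Base64 encoding of `data`.
    Final group of 1 byte: 2 characters (12 bits) for 8 bits of data -> 4 spare bits ('==').
    Final group of 2 bytes: 3 characters (18 bits) for 16 bits of data -> 2 spare bits ('=').
    Full final group: no spare bits."""
    return {0: 0, 1: 4, 2: 2}[len(data) % 3]


def embed(cover: bytes, bits: str) -> tuple[str, str]:
    """Base64-encode `cover` and hide as many leading bits of `bits` as the padding allows.
    Returns (stego_b64, remaining_bits)."""
    encoded = base64.b64encode(cover).decode("ascii")
    n = padding_bits(cover)
    if n == 0 or not bits:
        return encoded, bits
    chunk, rest = bits[:n].ljust(n, "0"), bits[n:]   # a short tail is zero-filled
    idx = len(encoded.rstrip("=")) - 1               # last data character
    value = ALPHABET.index(encoded[idx])             # its low n bits are 0 after standard encoding
    stego = encoded[:idx] + ALPHABET[value | int(chunk, 2)] + encoded[idx + 1:]
    return stego, rest


def extract(stego_b64: str) -> str:
    """Recover the hidden bits from one Base64 string (a standard decoder drops them)."""
    data = base64.b64decode(stego_b64)
    n = padding_bits(data)
    if n == 0:
        return ""
    value = ALPHABET.index(stego_b64[len(stego_b64.rstrip("=")) - 1])
    return format(value & ((1 << n) - 1), f"0{n}b")


def hide_message(covers: list[bytes], secret: bytes) -> list[str]:
    """Spread `secret` (one length byte, then the payload) over the padding of many covers."""
    if len(secret) > 255:
        raise ValueError("length prefix is one byte; secret must be at most 255 bytes")
    bits = f"{len(secret):08b}" + "".join(f"{b:08b}" for b in secret)
    stegos = []
    for cover in covers:
        stego, bits = embed(cover, bits)
        stegos.append(stego)
    if bits:
        raise ValueError(f"covers offer too little padding; {len(bits)} bits left over")
    return stegos


def recover_message(stegos: list[str]) -> bytes:
    bits = "".join(extract(s) for s in stegos)
    length = int(bits[:8], 2)
    body = bits[8:8 + 8 * length]
    return bytes(int(body[i:i + 8], 2) for i in range(0, len(body), 8))


def cover_decodes_unchanged(covers: list[bytes], stegos: list[str]) -> bool:
    """The carrier is intact: a normal decoder sees exactly the original data."""
    return [base64.b64decode(s) for s in stegos] == covers


if __name__ == "__main__":
    # constructed sample: 8 tokens of 10 bytes each -> 32 bits of capacity
    covers = [f"session-{i:02d}".encode() for i in range(8)]
    stegos = hide_message(covers, b"hi")
    print(stegos)
    print(recover_message(stegos), cover_decodes_unchanged(covers, stegos))
```

The capacity figures from the text fall out of `padding_bits`: a 2-byte secret plus the length byte needs 24 bits, hence six 10-byte covers. The covert channel is also trivial to detect for anyone who looks: a canonical encoder never produces non-zero spare bits, so a strict decoder that rejects non-canonical input destroys the channel.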