Hello aspiring AI whisperer! So, you've finally caved into peer pressure (or maybe your job straight-up told you it's on and poppin') and decided it is time to dip your …
Written by Peter Ramadan. Incident response (IR) is the backbone of any organization’s cybersecurity defense. For CIOs, CISOs, and Directors of Information Security, your IR procedures are well-established—but how efficient and …
Written by Peter RamadanRunning a successful security program isn’t some pleasant game of hopscotch—it’s a war, and the battlefield’s shifting under your feet every damn day. Long-term risk? That’s not …
Written by Peter Ramadan. CISSP Policy is the invisible thread that binds an organization together—a web of rules, subtle yet ironclad, dictating the commotion of the enterprises endeavors into some resembling …
Written by Peter RamadanWelcome to the first in a series of articles on giving your Security Operation Center (SOC) a serious path to success. The responsibility of leading a SOC …
Building From The Ground Up The idea of creating a security program from scratch crossed my mind many times before I had the chance to do it. When I landed into …
A couple years ago I published tool xorsearch.py for this diary entry: "Small Challenge: A Simple Word Maldoc - Part 4". A couple years ago I published tool xorsearch.py for this …
Coinbase is going Liam Neeson on its attackers, potentially setting a new precedent for incident response in the wake of crypto- and blockchain-targeting cyberattacks. Coinbase is going Liam Neeson on its …
An internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks. An internal error led to public disclosure of reams of sensitive data …
Scattered Spider and other phishers and hacking groups are using rentable subdomains from dynamic DNS providers to obfuscate their activity and impersonate well-known brands. Scattered Spider and other phishers and hacking …
Specialization among threat groups poses challenges for defenders, who now must distinguish between different actors responsible for different facets of an attack. Specialization among threat groups poses challenges for defenders, who …
A well-documented cybersecurity incident response program (CSIRP) provides the transparency needed for informed decision-making, protecting the organization in a constantly changing threat environment. A well-documented cybersecurity incident response program (CSIRP) provides …
Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational …
Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and …
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the …
Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. "Threat actors delivered malicious …
