Iran-Supported APT Group APT39: Chafer APT39, which is especially after the sensitive personal data of anti-Iranian institution employees; Chafer is known by names such as REMIX KITTEN and COBALT HICKMAN. The APT group, which carries out cyber espionage activities for the interests of Iran, has also targeted Turkey before.
The Nightmare of E-commerce Sites: Credential Stuffing. Credential Stuffing, a technique that uses the risk of using the same e-mail and password pairs on different platforms, affects e-commerce sites the most... What is Credential Stuffing? Credential Stuffing, which we can translate into our language as "Identity Stuffing", has become an astronomical issue in e-commerce, especially in recent years.
SIEM Log Management Security The importance of SIEM products or SIEM approaches, which have been the shining stars of the cyber security community in recent years, is increasing. Therefore, in parallel with this, SIEM log management is gaining importance day by day. The increase in open source or free software, enterprise SIEM software
Threat Simulation with Miter Caldera What is Miter Caldera? Caldera, which is based on an ATT&CK project; generates plans during the operation using an attacker's techniques, tactics and attack patterns. These features allow Caldera to run on a range of systems using variable behavior. this too
Analyst: Arda Büyükkaya Executive Summary Infinitum IT's Cyber Threat Intelligence team has tracked a new malware loader called Bumblebee used by multiple crimeware threat actors previously observed delivering BazaLoader and IcedID. Bumblebee loader uses multiple evasion techniques to evade detection
INSTALLATION OF OPEN SOURCE SIEM TOOLS - Splunk Open Source SIEM tools are among the security solutions preferred by IT departments today to ensure the security of systems. In this article, we describe the installation of Splunk, one of the most used open source SIEM products.
SMTP Open Relay Vulnerability There are a few concepts that need to be known before gaining sufficient knowledge about the SMTP Open Relay vulnerability. Before SMTP Relay vulnerability, it is necessary to first know what SMTP and mail relay are. What is Simple Mail Transfer Protocol (SMTP)? “Simple Information” into Turkish
The APT group, known as Charming Kitten (APT35), is thought to be linked to the Iranian state. It is considered that it provides Cyber Intelligence to the Iranian state against human rights activities, academic researchers and media organizations, and the United States and Central Eastern countries are among the countries it targets. Charming Kitten
WINDOWS MANAGEMENT INSTRUMENTATION (WMI) Windows Management Instrumentation (WMI) is a set of features from Microsoft and a technology built into Windows designed for fast and efficient management in the case of Windows systems, allowing better management of computers. WMI is Microsoft's industry standard Web Based
Considering the importance of CSRF/XSRF (Cross-Site Request Forgery) Web applications, mistakes made during the development of these applications; It may lead to theft, alteration of user information and unauthorized use. CSRF is one of the attack methods associated with these errors. What is Cross-Site Request Forgery (CSRF/XSRF)? CSRF stands for Cross-Site Request Forgery.
Established in 2017 to provide consultancy, service and support services on information security, Infinitum IT carries out studies within the framework of cyber incident response services, secure code development/analysis, penetration tests, and blue/red teamwork.
Esentepe Mah. Buyukdere Cad. LOFT PLAZA Floor:4 Flat:86 Levent/Istanbul
Copyright © 2023 InfinitumIT– All Rights Reserved.
Esentepe Mah. Buyukdere Cad. LOFT PLAZA Floor:4 Flat:86 Levent/Istanbul
Copyright © 2023 InfinitumIT– All Rights Reserved.