The APT group, known as Charming Kitten (APT35), is thought to be linked to the Iranian state. It is considered that it provides Cyber Intelligence to the Iranian state against human rights activities, academic researchers and media organizations, and the United States and Central Eastern countries are among the countries it targets. Charming Kitten
What is Cross-Site Scripting (XSS) and How Does It Work? Cross-Site Scripting (XSS) occurs when the input received from the user on a website is directly printed on the screen and interpreted by the HTML engine on the browser side. Since there is no filter or encoding, the attacker can use JavaScript and HTML codes as he wishes in this area.
What is Active Directory Structure? - User Account Types and Active Directory Security in the Corporate Network Active Directory is a structure in which user accounts in the corporate network are defined and the necessary authorizations are matched with the relevant users. The Active Directory structure is essentially an LDAP database. Active
Report Summary: Thousands of attack attempts to exploit the critical Log4Shell vulnerability have been detected worldwide. Most attack attempts are located in the US, UK, Turkey, Germany and the Netherlands, but due to the global prevalence of the Log4j software library on systems around the world, approximately 180 countries and regions
MUDDYWATER APT GROUP MuddyWater is an Iranian threat group. Researchers at Cisco Talos believe the MuddyWater hackers were "a group of multiple teams working independently rather than a single group of threat actors," primarily targeting Middle Eastern countries but also across Europe and North America.
Analyst: Arda Büyükkaya Executive Summary Infinitum IT's Cyber Threat Intelligence team has tracked a new malware loader called Bumblebee used by multiple crimeware threat actors previously observed delivering BazaLoader and IcedID. Bumblebee loader uses multiple evasion techniques to evade detection
AgentTesla Malware Exploits Microsoft Office Vulnerabilities (CVE-2017-0199 - CVE-2017-11882) Report Summary Agent Tesla Malware is a trojan that aims to steal personal data of target users. According to the analysis results, the AgentTesla Malware is hidden in a word document sent to the target system via Phishing e-mail and Invoice-Transfer Details.docx
Using Sysmon in Threat Hunting Processes It is very important to be able to make sense of cyber threats during operation processes, examine activities on the system, and collect logs from different sources. These are important situations for threat hunters. At this point, the Sysmon tool appears. Sysmon records the activities on the system on which it is installed.
WINDOWS EVENT LOGS AND SYSMON USE Event logs record events that occur while the system is running in order to understand the events occurring in the system and diagnose problems. As a blue team member, it is very important to understand these. Also combine event records from multiple sources
Sigma history and what is sigma? Sigma; It was a joint effort by Florian Roth and Thomas Patzke and was released by Florian Roth in 2017. It helps us easily identify the log events we have. It has its own format. Thanks to this format
Established in 2017 to provide consultancy, service and support services on information security, Infinitum IT carries out studies within the framework of cyber incident response services, secure code development/analysis, penetration tests, and blue/red teamwork.
Esentepe Mah. Buyukdere Cad. LOFT PLAZA Floor:4 Flat:86 Levent/Istanbul
Copyright © 2023 InfinitumIT– All Rights Reserved.
Esentepe Mah. Buyukdere Cad. LOFT PLAZA Floor:4 Flat:86 Levent/Istanbul
Copyright © 2023 InfinitumIT– All Rights Reserved.