Charming Kitten (APT35)

The APT group known as Charming Kitten (APT35) is thought to be linked to the Iranian state. It is believed to provide cyber intelligence to the Iranian state against human rights activities, academic researchers and media organizations; the United States and Central Eastern countries are among the countries it targets. Charming Kitten

What is Active Directory Structure?

What is Active Directory Structure? - User Account Types and Active Directory Security in the Corporate Network

Active Directory is a structure in which user accounts in the corporate network are defined and the necessary authorizations are matched with the relevant users. The Active Directory structure is essentially an LDAP database. Active

MUDDYWATER APT GROUP

MuddyWater is an Iranian threat group. Researchers at Cisco Talos believe the MuddyWater hackers were "a group of multiple teams working independently rather than a single group of threat actors," primarily targeting Middle Eastern countries but also across Europe and North America.

AgentTesla Malware

AgentTesla Malware Exploits Microsoft Office Vulnerabilities (CVE-2017-0199 - CVE-2017-11882)

Report Summary: Agent Tesla Malware is a trojan that aims to steal the personal data of target users. According to the analysis results, the AgentTesla Malware is hidden in a Word document sent to the target system via phishing e-mail and Invoice-Transfer Details.docx

Using Sysmon in Threat Hunting Processes

During operations, it is very important to be able to make sense of cyber threats, examine activity on the system, and collect logs from different sources. These matter especially to threat hunters. This is where the Sysmon tool comes in. Sysmon records the activity on the system on which it is installed.

WINDOWS EVENT LOGS AND USING SYSMON

Event logs record events that occur while the system is running, so that what is happening on the system can be understood and problems can be diagnosed. For a blue team member, it is very important to understand them. Also combine event records from multiple sources
