Recent Articles

Malicious Document Investigation: XCEL Macro Analysis

This Excel document contains malicious macros that are obfuscated to evade detection. When the document is opened and macros are enabled, it reaches out to external resources hosted on malicious URLs, then downloads and executes additional payloads. Source: ht...

Malware Analysis: njRAT.exe Report

In this exercise, I analysed a Remote Access Trojan binary, njRAT.exe, sourced from the theZoo malware repository on GitHub. Analysis revealed that the sample was originally compiled in 2013 as EnKSaR.HaCKeR.exe. The malware is designed to grant an atta...

Random Password Generator with Python

The goal of this exercise is to write code that generates a random password with Python. The function, named randomPassword, takes no parameters and returns a random password. The password criteria are as follows: The password will hav...
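The following is an added example, not the code from the article above. Because the article's criteria list is cut off here, the criteria in this block (12 characters with at least one lowercase letter, one uppercase letter, one digit and one punctuation character) are an assumption. The security-relevant point it shows is the choice of generator: Python's `random` module is a Mersenne Twister seeded from system state and is predictable from a few outputs, so passwords must come from `secrets`, which reads the operating system's CSPRNG. Both versions are shown side by side.

```python
import random
import secrets
import string

# Assumed criteria (the article's own list is truncated on this page).
LENGTH = 12
CLASSES = (
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    string.punctuation,
)
ALPHABET = "".join(CLASSES)


def weakRandomPassword():
    """The common mistake: random.choice draws from a deterministic PRNG.
    Given roughly 624 outputs the internal state is recoverable, and an
    attacker who knows the seeding time can reproduce it outright."""
    return "".join(random.choice(ALPHABET) for _ in range(LENGTH))


def randomPassword():
    """Takes no parameters; returns a password meeting every class rule,
    drawn from the OS CSPRNG via the secrets module."""
    rng = secrets.SystemRandom()
    # One guaranteed character from each class so the criteria always hold...
    chars = [secrets.choice(cls) for cls in CLASSES]
    # ...then fill the remainder from the full alphabet.
    chars += [secrets.choice(ALPHABET) for _ in range(LENGTH - len(CLASSES))]
    # Shuffle with the CSPRNG too, otherwise the first four positions would
    # leak which class each guaranteed character belongs to.
    rng.shuffle(chars)
    return "".join(chars)


def meetsCriteria(password):
    """Check length and that every character class is represented."""
    return len(password) == LENGTH and all(
        any(c in cls for c in password) for cls in CLASSES
    )


if __name__ == "__main__":
    pw = randomPassword()
    print(pw, meetsCriteria(pw))
```

The guaranteed-one-per-class step is what makes the function deterministic with respect to the rules without a retry loop; the final shuffle is as important as the draw itself, since a fixed position for each class would cut the search space for an attacker who knows the scheme.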

Security Investigation with Splunk

In this exercise, I investigated failed authentication attempts with Splunk to detect potential threat actors attempting to gain access to the environment. This exercise is divided into three parts: Detection, Validation, and Scoping. I found this re...
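As an added illustration of the three-part workflow named above (not the article's own Splunk searches), the block below runs the same Detection, Validation and Scoping steps in Python over a handful of constructed sshd auth.log lines. The log lines, hostnames, usernames and the two RFC 5737 documentation addresses are all made up for the example; the threshold of five failures within sixty seconds is an assumed tuning value.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample data for the example (not from the article).
SAMPLE_LOG = """\
Mar 10 08:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 50211 ssh2
Mar 10 08:00:03 host sshd[1202]: Failed password for root from 203.0.113.5 port 50212 ssh2
Mar 10 08:00:05 host sshd[1203]: Failed password for invalid user test from 203.0.113.5 port 50213 ssh2
Mar 10 08:00:06 host sshd[1204]: Failed password for alice from 203.0.113.5 port 50214 ssh2
Mar 10 08:00:07 host sshd[1205]: Failed password for bob from 203.0.113.5 port 50215 ssh2
Mar 10 08:00:09 host sshd[1206]: Accepted password for bob from 203.0.113.5 port 50216 ssh2
Mar 10 08:01:00 host sshd[1207]: Failed password for carol from 198.51.100.7 port 40001 ssh2
Mar 10 08:02:30 host sshd[1208]: Accepted password for carol from 198.51.100.7 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)

# Assumed tuning: five failures inside a sixty-second window.
THRESHOLD = 5
WINDOW_S = 60


def parse(log):
    """Turn raw lines into event dicts; lines that do not match are ignored."""
    return [m.groupdict() for m in map(LINE_RE.match, log.splitlines()) if m]


def _seconds(ts):
    # syslog timestamps carry no year; a fixed epoch is enough for deltas.
    return (datetime.strptime(ts, "%b %d %H:%M:%S") - datetime(1900, 1, 1)).total_seconds()


def detect(events, threshold=THRESHOLD, window_s=WINDOW_S):
    """Detection: sources with >= threshold failures inside any window_s span."""
    failures = defaultdict(list)
    for e in events:
        if e["result"] == "Failed":
            failures[e["src"]].append(_seconds(e["ts"]))
    flagged = set()
    for src, times in failures.items():
        times.sort()
        # Sliding window: compare each failure with the (threshold-1)th after it.
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window_s:
                flagged.add(src)
                break
    return flagged


def validate(events, flagged):
    """Validation: did any flagged source go on to authenticate successfully?
    Returns {src: sorted list of accounts it logged into}."""
    success = defaultdict(set)
    for e in events:
        if e["result"] == "Accepted" and e["src"] in flagged:
            success[e["src"]].add(e["user"])
    return {src: sorted(users) for src, users in success.items()}


def scope(events, src):
    """Scoping: every account the source touched, successful or not."""
    return sorted({e["user"] for e in events if e["src"] == src})


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    hits = detect(evs)
    print("flagged:", hits)
    print("confirmed logins:", validate(evs, hits))
    for src in hits:
        print(src, "targeted:", scope(evs, src))
```

The order matters: a volume threshold alone produces noise from misconfigured clients, so a source is only escalated once validation shows a success after the burst, and scoping then lists which accounts need a credential reset rather than just the one that succeeded.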

Understanding Threat Hunting

Organisations use Security Information and Event Management (SIEM) software, which combines security monitoring and log management tools, to detect suspicious activity on their networks. Intrusion Detection System (IDS) a...

Malware Analysis with Security Onion

In this exercise, I investigate an incident in which a user was compromised through a malicious email. My goal is to work out how the computer became infected and to document my findings. This malware exercise was obtained from malware-traffic-analysis....