Blog – Page 2 – take infosec, mix with culture, sprinkle some spice, enjoy.

Finding & Attributing Malicious Command & Control Servers

By Fabian

In one of my last posts, I wrote about attribution in cybersecurity, i.e. ways to find out who was behind … More Finding & Attributing Malicious Command & Control Servers →

Cloud Security, Infosec

Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft)

By Fabian

I recently had a look at the security assessments of different well-known cloud providers and found some interesting discrepancies. It … More Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft) →

Attribution, Infosec

Who the hæck?Attribution in cybersecurity

By Fabian

While we are getting used to hearing news on a daily basis about hacking attacks, much less do we read … More Who the hæck?Attribution in cybersecurity →

HowTo, Infosec

SRPs block malware, but what if things stop working?

By Fabian

As I wrote in my last post on lateral movement, using AppLocker or Software Restriction Policies (SRPs) to avoid the … More SRPs block malware, but what if things stop working? →

Infosec

Hello, somebody there? Or: The difficulty of detecting lateral movement

By Fabian

Lateral Movement is a key technique for attackers: Once they entered your infrastructure, the next step is to look around … More Hello, somebody there? Or: The difficulty of detecting lateral movement →

Infosec

Which layer for encryption? Which for VPNs?

By Fabian

As more people work from home, VPNs are in peak season. Recently I discussed with a network engineer the advantages … More Which layer for encryption? Which for VPNs? →

HowTo

Life-saving Excel shortcuts

By Fabian

Recently on Twitter someone asked security professionals which tools they use most for their day-to-day tasks. Someone said “Excel” and … More Life-saving Excel shortcuts →

HowTo, Infosec

Analyze Emotet and Trickbot with NetworkMiner and Suricata

By Fabian

As I explained in the previous post, NetworkMiner and Suricata are a great combination for performing quick and straightforward network … More Analyze Emotet and Trickbot with NetworkMiner and Suricata →

HowTo, Infosec

Quick and easy setup for NetworkMiner and Suricata to perform network forensics

By Fabian

Many people know Suricata as network intrusion detection (IDS) system, i.e. acting on live traffic; many people know NetworkMiner as … More Quick and easy setup for NetworkMiner and Suricata to perform network forensics →

Infosec

Sysmon v11.10 reads Alternate Data Streams

By Fabian

A few days ago, the new version 11.10 of Sysinternals Sysmon was released. Despite the minor version increase from 11.0 … More Sysmon v11.10 reads Alternate Data Streams →