Is your team 'log ready'?
In the aftermath of a breach disclosed by Microsoft earlier this month, the cybersecurity industry has cast an uneasy spotlight on audit and event logging within Microsoft's Azure and M365.
An overview of Threat hunting
Threat hunting, a relatively new approach to identifying malicious actors within the network, is quickly becoming a standard practice. Why is threat hunting an emerging discipline in information security? Conventional systems just can't stop a significant number of intrusion attempts. According to Verizon's Data breach investigations
Y22K?: Microsoft Exchange malware scanning can’t interpret 2022 dates; Emails undelivered
Reports are pouring in on Twitter of email traffic being frozen for many. Microsoft's Exchange server formats dates as YYMMDDHHMM, and then stores that number as a signed 32-bit integer. Since YY here changed from '21 to '22 overnight (Happy New Year, by the way!
The quick log4j vulnerability explainer
A devastating zero-day vulnerability was disclosed rather unwittingly via a tweet and a post on GitHub that showed sample code being executed remotely via log4j. This exceptional post from lunasec.io [https://www.lunasec.io/docs/blog/log4j-zero-day/] is where some people from the infosec community would have encountered
Building and operating a home network security sensor - Pt 1. The rationale
Conventional malware mitigation is not working to keep cybercriminals or advanced persistent threats out of systems and networks. Your home network may also be easy pickings for cybercriminals or APTs [https://csrc.nist.gov/glossary/term/advanced_persistent_threat] especially when many people are going remote-first with