US Cert recently issued notification regarding malicious cyber activity by the North Korean government [1] as Hidden Cobra. There are two families of malware used by the North Korean Government. Remote Access Tool (RAT) known as Jonap A Server Message Block (SMB)...
Authors: Balamurali A R and Satnam Singh Post Web 2.0, data generated on the internet has increased manifold. This has led to the use of data driven approaches to solve many traditional problems across different industry verticals. Among them, deep learning-based (DL)...
In our previous blogs[1][2], we have shared details of detection of breach campaigns and worms by using Deception. A Distributed Deception Platform (DDP) consists of the breadcrumbs and lures at the endpoint pointing to the honey services in the network. The DDP can...
Today’s breaches are predominantly carried out in a series of sophisticated, multi-stage attacks. The stages involved in such an attack can best be described by a “Cyber Kill Chain”. This, as per MITRE ATT&CK Adversary Tactic Model [11] breaks down cyber...
Today’s breaches are overwhelmingly carried out in a series of sophisticated, multi-stage attacks. The stages of such attacks can best be described by a “Cyber Kill Chain,” which as per MITRE ATT&CK Adversary Tactic Model [1] breaks down cyber intrusions into the...
The motivation for this blog is a question that has been circling in my head for a long time, and I have asked this question to many security analysts: Have they played a game with an adversary? or in other words – Have they engaged with an adversary? I got...
