All Posts


Malware Techniques: Thread Hijacking
Learning to identify Indicators of Compromise (IoCs) in malware is always easier when the sample is controlled and home-grown. In this series, I'll be analyzing a synthetic malware sample that I personally wrote as part of an ethical red-team learning exercise. The synthetic malware sample used in this series was designed to behave similarly to modern loader-style implants and, during testing inside a controlled lab environment, it successfully bypassed basic detection mec
sandeep karnik
Dec 7, 2025 · 5 min read


Parkerian Hexad vs CIA Triad
A Modern Perspective on Information Security Models. For decades, cybersecurity professionals have relied on the CIA Triad — Confidentiality, Integrity, and Availability — as the foundational model for protecting information systems. While these three pillars remain essential, the increasing complexity of digital ecosystems has exposed gaps in the traditional model, especially as businesses modernize architectures, move to cloud environments, and face advanced threats. To addre
sandeep karnik
Nov 30, 2025 · 3 min read


Why Use uint8_t Instead of int in C (Especially in Crypto)
When writing C programs that deal with AES encryption, hashing, file I/O, network packets, or any low-level binary processing, you will frequently see the use of "uint8_t" instead of the plain "int" type. Here we discuss why "uint8_t" is the correct and standard type for such code. "int" IS NOT A FIXED SIZE. The C standard allows "int" to vary in size depending on the platform: on some systems, 16 bits; on most modern systems, 32 bits; on some architectures, 64 bits. This means: in
sandeep karnik
Nov 19, 2025 · 2 min read


Static Analysis - Kamasers Malware
This is a series of articles in which we analyze the Kamasers family of malware. In this article we start with static analysis. The malware sample is from Malware Bazaar, located here: https://bazaar.abuse.ch/sample/12d5e3fdac938bef0d9c78e7905d6d1deaca21602aaef3fdc900b0063edb40f9/ Checking the file type: using "file"; using xxd, which shows the Windows executable marker; using ExeInfo: 32-bit exe, created using MS Visual C++, not packed. Finding the SHA-256: ┌──(kali㉿kali)-[~/ma-sample
sandeep karnik
Nov 5, 2025 · 7 min read


The Hidden Cost of Clinging to End-of-Life Windows
Risk Assessment — know which end-of-life systems put you most at risk Why Windows 10’s looming deadline should make you nervous So here’s...
sandeep karnik
Sep 14, 2025 · 4 min read


The Crucial Role of Malware Development Skills for Ethical Hackers in Combatting Ransomware Threats
Cybersecurity is a front-line defense in a world increasingly targeted by cyberattacks. Among these threats, ransomware is particularly...
sandeep karnik
May 24, 2025 · 5 min read


Low-cost and secure set-up for Remotely executed Internal Pen Testing
If you are creating a set-up for internal pen testing, one common and technically the easiest option is simply to have physical access - i.e. the...
sandeep karnik
Dec 7, 2024 · 2 min read


First level attackers may not be humans
Ever wondered - "Why would someone target me for a cyber attack?" Well, they may not be after you per se, but your computer; and to make...
sandeep karnik
Dec 7, 2024 · 3 min read


How malware can use .text section in PE for shellcode execution
The .text section in a PE file typically contains executable code, such as the program's main instructions. This section is marked as execut
sandeep karnik
Nov 22, 2024 · 2 min read


Suspicious Memory Changes
Generally programs need memory to store data and read it back. The normal memory protection used while allocating memory is hence "Read"...
sandeep karnik
Nov 13, 2024 · 2 min read


Access control with TCP-wrapped SSH
We find ourselves drawn to iptables and ipsets for their remarkable functionality today, but it doesn't change the fact that several...
Palavi Karnik
Aug 17, 2024 · 3 min read


Business Continuity Planning
Information Security (InfoSec) is a vast field. Among other areas, one, often neglected but equally important as others, is "Business...
sandeep karnik
Mar 1, 2023 · 5 min read


Broken Access Control - On top of the OWASP-Top 10 List
Introduction The "OWASP Top 10" lists the top ten most critical web application security risks, and "Broken Access Control" currently...
sandeep karnik
Feb 23, 2023 · 5 min read


How is Red Teaming different than Conventional Pen Testing?
Introduction The main difference is Red Teaming simulates real-life attacks. While doing so, the objective is to remain as evasive and...
sandeep karnik
Feb 22, 2023 · 6 min read


AWS EC2 - Purchase options - a comparison
Amazon Web Services (AWS) Elastic Compute Cloud (EC2) is a popular cloud computing service that allows users to rent virtual computing...
sandeep karnik
Feb 22, 2023 · 5 min read


How much security is good security?
This question haunts every sys admin, network admin, product owner, and company owner! Often I am asked to evaluate the security where...
sandeep karnik
Feb 21, 2023 · 4 min read


What are you looking for - External or Internal Pen-Testing?
Introduction These are two very broad, very high-level categories. You want to get a gauge of the security posture of your...
sandeep karnik
Feb 20, 2023 · 5 min read


Why perform Malware Analysis?
Introduction We have seen many cyber attacks recently that were carried out using malware. It is likely that malware attacks will...
sandeep karnik
Feb 19, 2023 · 6 min read


AWS Serverless Solutions: A Game Changer
What are Serverless Solutions The term "serverless" is a misnomer, as servers are still involved in running a serverless application....
sandeep karnik
Feb 5, 2023 · 3 min read


Rules of Engagement: Crucial Part of a Pen-Testing Project
The rules of engagement (RoE) in penetration testing are the guidelines and limitations set by the client or organization that define the...
sandeep karnik
Feb 4, 2023 · 2 min read