31 Dec
How does ChatGPT work? Tracing the evolution of AIGC.
AIGC, or AI-generated Content, is a way of content creation using artificial intelligence and is considered a new type of content creation after PGC (Professionally-generated Content) and UGC (User-generated Content). AIGC is developing rapidly in many fields such as text, image, and audio/video, software development, and in recent years there are many creation experience platforms
29 Sep
Prevent Email Spoofing with SPF, DKIM and DMARC
Email spoofing is one of the common techniques used by phishing attacks. By using different techniques, attackers trick users to think the email is from legitimate parties. To combat email spoofing, a few mechanisms have been invented – Namely DMARC, DKIM & SPF. However many times the terms are confusing. In this blog, we will
14 Jul
Risk based Alerting
Security operations centers (SOC) are incredibly noisy places. They experience hundreds of thousands of security alerts daily. 1% are urgent and very likely to be true attacks. 30% of alerts are false positives. The rest of 69% are either information, nonactionable, or take time to completely identify as false positives or true positives. Either tweaking
23 May
Start detecting Leaked Secrets on Darkweb in 10 minutes
The deep web, also known as the dark web, is a part of the internet that is not indexed by search engines and is therefore not accessible to most users. It is often associated with illegal activities, such as the sale of drugs and weapons, and is therefore sometimes referred to as the “dark side”
10 May
Cybersec Cheat Sheets
Shortcut, hot-keys are powerful techniques to improve efficiencies in daily security operations. However, it is hard to remember them all unless you are using the applications all day. Here is a curated list of cheat sheets for many many popular techs in our cybersecurity space. We did not create them. Credits are to the authors
03 May
Create a Red and Blue Team HomeLab
A SOC team usually has a red team and a blue team. It is always a good idea to practice TTPs(techniques, tactics, procedures), generate IOCs so that you can understand how an attack works and what noise it generates, and set up automation to start practicing analyzing and responding to these issues, with the aim
12 Feb
Continuous Security Reporting using popular BI tools
Microsoft Power BI and Google Data Studio Both Microsoft Power BI and Google Data Studio are two robust data analytics tools that can help you visualize raw and complex data. Their easy-to-understand user interfaces are good options for creating reports and sharing them with your manager or colleagues. Create Security Reporting Dashboard Security teams are
11 Feb
Bridge the gap between security detection and response
The evolution of the Security Operation Center (SOC) Security Information and Event Management Platforms (SIEM) have gradually become the center of SOC operations. They create different and relevant security detections/alerts that security analysts have to evaluate. Usually, a tier 1 analyst performs the initial triage of SIEM alerts and escalates high-priority ones to tier 2
30 Oct
Investigation and Response for Unemployment Benefit Fraud Alerts
Among the many new challenges that the COVID-19 pandemic has brought to security analysts, a recent and very serious one is unemployment benefits fraud. Criminals are filing claims for benefits using the credentials of people who haven’t lost their job. They learn of it when they get a letter from the government about the status
Recent Posts
Recent Posts
Recent Comments
Leveraging AI To Reduce Risk of Ransomware
Top 5 free tools to defend against Ransomware Attack - AI-Based Analysis and Response