Blog List

Zero-day vulnerability (aka Log4Shell) in Apache Log4j is being actively exploited

Introduction: The Log4Shell vulnerability (CVE-2021-44228) impacts multiple versions of a widely distributed Java software component, Apache Log4j 2. The vulnerability exists in the way the Java Naming and Directory Interface (JNDI) feature resolves variables and allows a remote attacker to execute arbitrary code on the target system. In Apache Log4j 2 < 2.15, JNDI enables attackers to call external java […]


Significance of a career in Security Operations Center (SOC)

Why should you get into Security Operations Center (SOC)? Cybersecurity breaches are on the rise. Most of these breaches occur due to the lack of a comprehensive monitoring/surveillance strategy and poor implementation of various security controls. Fig: Reasons for cybersecurity breaches – https://ssdtechie.com/2020/07/06/the-human-factor-in-cybersecurity-employees/ One of the best ways to mitigate such risks is by having […]


Windows Timeline: Putting the what & when together

One of the most critical factors that determine the success and efficacy of a digital forensic investigation is putting together the right temporal analysis of events. At a fundamental level, the Windows Timeline is nothing but putting the what and when together of the user’s activities on a Windows system. The Windows Timeline is an […]


Revealing REvil

An overview of the most dreaded ransomware in recent times. Resurgence of Ransomware: In April 2019, the Cybereason Nocturnus team encountered several target machines infected with a ransomware called Sodinokibi, which spread via links to zip files containing malicious. Sodinokibi (aka Sodin aka REvil) is installed on machines by exploiting an Oracle WebLogic vulnerability (CVE-2019-2725) and […]
