• Kubernetes Threat Hunting

    Kubernetes Threat Hunting using API Server Audit Logs

    Kubernetes has emerged as the preferred platform for deploying and managing containerized applications in contemporary [...]

  • ClickFix: Another Deceptive Social Engineering Technique

    Fast FactsClickFix, first observed in mid-2024, represents a sophisticated form of social engineering that quickly [...]

  • Windows Shell Link Vulnerability ZDI-CAN-25373: Detecting Hidden Commands

    One of the latest vulnerabilities disclosed by TrendMicro, ZDI-CAN-25373, exposes a flaw in Windows shortcut [...]

  • EDR Killers: After All, EDRs Are Not Invincible

    Fast Facts: EDR Killers are a growing cybersecurity threat, gaining prominence in 2024 and 2025. [...]

  • Arrow hitting an a floating envelop, surrounded by a yellow glow, from the envelop multiple other envelops flight towards the right side of the picture.

    Exploring Strela Stealer: Initial Payload Analysis and Insights

    In cybersecurity research, it's easy to get caught up in the pursuit of uncovering new [...]

  • Hiding in Plain Sight: The Subtle Art of Loki Malware’s Obfuscation

    With the surge of cyberattacks, sharing threat intelligence in the form of insights, trends, and [...]

  • Latrodectus: The Wrath of Black Widow Featured Image

    Latrodectus: The Wrath of Black Widow

    Latrodectus, also known as BlackWidow, was developed by the same creators of IcedID malware, notoriously [...]

  • Logpoint 
pySigma Backend

    How to use Logpoint pySigma Backend for threat detection

    There’s no doubt that open-source projects are immense contributors to the software ecosystem. With an [...]

  • Shenanigans of Scheduled Tasks

    Shenanigans of Scheduled Tasks

    Updated August 26, 2024Scheduled Tasks are the automated processes configured to run automatically at a [...]

  • Threat Detection and 
Monitoring with Microsoft 365

    Threat Detection and Monitoring with Microsoft 365

    There’s no doubt that Microsoft 365 is widely used among companies of all sorts of [...]

  • Defending Against OS Credential Dumping: Threat Landscape, Strategies, and Best Practices

    Fast Facts OS Credential Dumping (T1003) is a critical cybersecurity threat. It involves stealing credential [...]

  • APT28: Inside Forest Blizzard’s New Arsenal

    Fast Facts:The Cyber espionage group Forest Blizzard is attributed to the GRU (Russia's military intelligence [...]