How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality IntroductionIn the first part of this mini-series, we explored briefly what kind of impact... 2024-10-31 16:48:22 | 阅读: 1 | 收藏 | NVISO Labs - blog.nviso.eu datasets

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction The traditional CIA Triad (Confidentiality, Integrity, and Availability) has long been a corne... 2024-10-31 01:24:4 | 阅读: 4 | 收藏 | NVISO Labs - blog.nviso.eu security cia triad predictable

Hunting for Remote Management Tools: Detecting RMMs In our previous blog post about RMM (Remote Management and Monitoring) tools, we highlighted the pre... 2024-10-21 15:0:0 | 阅读: 3 | 收藏 | NVISO Labs - blog.nviso.eu bomgar remote rmm rmms remoteurl

All that JavaScript for… spear phishing? NVISO employs several hunting rules in multiple Threat Intelligence Platforms and other sources,... 2024-10-2 23:0:0 | 阅读: 18 | 收藏 | NVISO Labs - blog.nviso.eu phishing cryptojs stage decoded malicious

Emergency Accounts: Last Call! read file error: read notes: is a directory... 2024-9-17 18:21:57 | 阅读: 4 | 收藏 | NVISO Labs - blog.nviso.eu emergency fido2 entra microsoft quorum

Introduction to Third-Party Risk Management In today’s world, organizations are increasingly depending on their third-party vendors, s... 2024-9-12 15:0:0 | 阅读: 3 | 收藏 | NVISO Labs - blog.nviso.eu parties tprm security operational procurement

Hunting Chromium Notifications Earlier this year, NVISO identified an active cluster of domains likely tied to social engineeri... 2024-9-6 15:0:0 | 阅读: 10 | 收藏 | NVISO Labs - blog.nviso.eu chromium microsoft chrome interacted

Validate your Windows Audit Policy Configuration with KQL Defining an audit policy in Windows is crucial for making sure that the appropriate security events... 2024-9-5 15:0:0 | 阅读: 15 | 收藏 | NVISO Labs - blog.nviso.eu subcategory security logoff isempty windows

MEGAsync Forensics and Intrusion Attribution When intrusions near completion, adversaries commonly exfiltrate any data... 2024-9-4 15:0:0 | 阅读: 16 | 收藏 | NVISO Labs - blog.nviso.eu statecache mega megasync rubbish maxime

The Big TIBER Encyclopedia TIBER (Threat Intelligence-Based Ethical Red Teaming) is a framework introduced by the European Cent... 2024-8-29 15:0:0 | 阅读: 37 | 收藏 | NVISO Labs - blog.nviso.eu tiber purple teaming leg

From Evidence to Advantage: Leveraging Incident Response Artifacts for Red Team Engagements What is this blog post about?This blog post is about why incident responder artifacts not on... 2024-8-2 17:0:44 | 阅读: 2 | 收藏 | NVISO Labs - blog.nviso.eu windows artifacts microsoft security software

Hunting for Remote Management Tools In today’s digital landscape, Remote Management and Monitoring (RMM) tools... 2024-7-18 19:58:55 | 阅读: 8 | 收藏 | NVISO Labs - blog.nviso.eu rmm software engagements security hunt

Punch Card Hacking – Exploring a Mainframe Attack Vector Mainframes are the unseen workhorses that carry the load for many services we use on a daily bas... 2024-7-16 15:0:0 | 阅读: 8 | 收藏 | NVISO Labs - blog.nviso.eu jcl jes nviso mainframe security

The End of Passwords? Embrace the Future with Passkeys. Yesterday, unexpectedly, my personal Google account suggested using Passkeys for login. This is... 2024-7-2 15:0:0 | 阅读: 16 | 收藏 | NVISO Labs - blog.nviso.eu passkeys security passwords cloud

Format String Exploitation: A Hands-On Exploration for Linux SummaryThis blogpost covers a Capture The Flag challenge that was part of the 2024 picoCTF e... 2024-5-23 19:0:0 | 阅读: 9 | 收藏 | NVISO Labs - blog.nviso.eu memory setvbuf payload remote gamers

Top things that you might not be doing (yet) in Entra Conditional Access – Advanced Edition IntroductionIn the first post of the top things that you might not be doing (yet) in Entra C... 2024-3-18 16:0:0 | 阅读: 10 | 收藏 | NVISO Labs - blog.nviso.eu entra microsoft security enforce

Unpacking Flutter hives IntroWhen analyzing the security of mobile applications, it’s important to verify that all d... 2024-3-13 16:0:0 | 阅读: 13 | 收藏 | NVISO Labs - blog.nviso.eu dart flutter frames ultimatebox bee

Become Big Brother with Microsoft Purview IntroductionWith the never-ending amount of data we generate, process, and share within and... 2024-3-6 16:0:0 | 阅读: 11 | 收藏 | NVISO Labs - blog.nviso.eu microsoft purview security sensitivity triangle

Covert TLS n-day backdoors: SparkCockpit & SparkTar In early 2024, Ivanti’s Pulse Secure appliances suffered from wide-spread... 2024-3-1 18:59:0 | 阅读: 12 | 收藏 | NVISO Labs - blog.nviso.eu backdoors network nviso sparktar ivanti

Top things that you might not be doing (yet) in Entra Conditional Access IntroductionIn this blog post, I focus on the top things that you might not be doing (yet) i... 2024-2-27 16:0:14 | 阅读: 14 | 收藏 | NVISO Labs - blog.nviso.eu entra microsoft security identities