For the past couple of months, I thought of implementing an internal sandbox for my organization, as you cannot rely totally on the community-based sandboxes available on the internet like Hybrid Analysis, Joe Sandbox, Reverse It, etc… Though they give you the best results, a strong need arises to have an internal sandbox in your …
Over the past few days, I have been noticing a new threat for Linux operating systems, and it was actually on the night of September 19th, 2018 that I saw a new Linux malware that has been spreading in the wild to form a botnet from the compromised machines and further spreading to add more victims to …
Hello readers! In this article, we will look at the PE header, which is very important in understanding the internals of an executable file. Once you have an overall idea of what is inside the executable file and how that executable file works in Windows, it will then become easy for you to analyze …
Hello readers! Today I will be writing a general post which I think can be helpful for SOC analysts while creating incidents. So, let’s first understand what this article is about and how it will help you in your process. ATP Safe Links is actually a security feature of Microsoft that comes with …
Hi readers! The agenda of this article is to give a brief overview of the registry keys and the ways malware authors use them to achieve persistence and evade detection by traditional security technology. Malware often uses the registry for persistence or configuration data. And as soon as the malware gets inside …