Default configurations and security misconfigurations are commonly found in installed software and applications. A default configuration refers to the prebuilt standard configuration that ships with an application. Using the default...
Rootkits (MITRE T1014) are malicious software with the functionality to hide files, network connections, processes, and other system artifacts. They may reside in user mode, kernel mode, or in the...
Cobalt strike is a red team command and control framework used for adversary emulation. Due to its functionality and flexibility, it has been widely adopted by both red teams and...
JSSLoader is a remote access trojan by the Russian FIN7 hacking group. There has been an increase in the number of JSSLoader infections this year. These infections have been utilizing...
Malicious files can serve as indicators of compromise (IOC) on endpoints where they are observed to be present. These files may end up on endpoints through various attack vectors. As...
Wazuh is an open source security solution that can be used for security data collection, threat detection, file integrity monitoring, endpoint protection, incident response, and compliance. The Wazuh agent is...
AbuseIPDB is a project that helps systems administrators, webmasters, and security analysts check and report IP addresses involved in various categories of malicious attacks. It provides an API to check and...