Token Theft Part 2 - Defensive (August 2023): Introduction. In this 2nd part of the “Token Theft” series, we will cover the blue team topics of how to detect, defend against and respond to these attacks. By compromising and...
Token Theft Part 1 - Offensive (August 2023): An increasing number of cyber-attacks employ techniques to bypass multi-factor authentication (MFA), which allows criminals to access corporate networks while security teams have limited ability to detect these...
Importance of IOC Detection Rules (July 2023): What is an Indicator of Compromise (IOC)? An Indicator of Compromise (IOC) is a piece of information that indicates a potential security breach or cyberattack. An IOC can be an...
(Another) Business Email Compromise (BEC) Story (June 2023): What is Business Email Compromise (BEC)? Business Email Compromise (BEC) is a type of targeted cybercrime attack where the attacker uses compromised email access and tailored email messages to trick...
A foundational Threat Hunting framework (April 2023): What is Threat Hunting? Many organisations today face unprecedented levels of cyber-attacks, and the trend keeps growing with each passing year. The Security Operations Center (SOC) is the first...
The difference between a SOC and a SIEM and do you need both? (April 2023): Organisations looking to improve their cybersecurity posture are faced with many buying decisions, terminology and technology. The terms SIEM and SOC are sometimes incorrectly used interchangeably, so what is the difference...