Malware Vaccine - the Unexplored Concept

With emerging technology and enhancing security features, organizations are becoming more mindful of new cyber attacks. The security of an enterprise improves when process updates, patches, and checks have been implemented fairly well. However, it is difficult to speculate if an organization is entirely safe from a malware attack. Organizations often look for different security procedures to follow to maintain their security. So, today in this article, we will comprehend an exciting topic: Malware Vaccine.

May 4, 2022 Read
Prototype Pollution - Part1

With time, attackers are finding new ways to exploit an application. We may have been using the application for a long time and are still unaware that it may be vulnerable to recent exploits. We learned about different security flaws and ways to detect them in my previous blog posts. You check them out here. Today, we will be learning about an attack that is not quite common, but it is not that uncommon too - Prototype Pollution.

February 3, 2022 Read
TryHackMe - Basic Malware RE Walkthrough

Getting started with malware analysis could be very confusing and equally dangerous. In the previousblog , we did some fundamental research on a malicious pdf file. This time we will proceed a bit and learn some more stuff about malware analysis. Now examining malicious software requires two most crucial steps: Static Analysis Dynamic Analysis Note: We do have memory analysis, too, but we will go about it later on.

October 28, 2021 Read
Malware Analysis- Getting Started

Attacking a big enterprise takes a huge time and planning, and hackers do it so efficiently that it sometimes becomes difficult for the enterprises to cope up with it. Most of the famous attacks that a group of hackers target are malware-based, whose intent is a specific enterprise or group of users to destroy or leak their data. I have mentioned and discussed various security jargon in my previous blogposts ,from where you can understand what kind of security aspects an organization should be taking care of and why they are important.

September 27, 2021 Read
SupplyChain Attacks

Organizations are constantly under target of cyber attacks and data breaches. New attacks keep coming. Sometimes the older attacks end up working and other times, these older attacks get some modification to perform a zero-day to compromise an organization. In today’s post, we will learn about a very interesting attack - the SupplyChain attack. You can check my previous blog posts here where I discussed some good security jargons and attacks that a security professional should be aware of.

June 13, 2021 Read
Magecart Attack

The news about a cyber attack in a big enterprise is not new. We keep on hearing about such attacks as to how millions of data are being stolen or leaked and can be found on the Dark Web. We are already aware of this scenario. As I always mention in my articles, nothing is 100% secure, so, as security professionals, it is important for us to take all the necessary precautions and be aware of the recent technologies and their respective attacks.

June 1, 2021 Read
Lets Learn About SOAR

After learning about the kinds of threats and what could be done by an organization in the previous blog posts, we are getting into more details about the same. In this post, we will learn about SOAR which is yet another corporate jargon, that should never be missed by a security professional. Let’s break it down and understand the meaning one by one. SOAR is one solution to improve the effectiveness of cyber-security operations.

February 25, 2021 Read
Network Access Control

In my previous blog posts , we learned about how nothing is 100% secure and how threats are finding new ways to compromise an organization. We also learned about the steps that the organization should take, to keep themselves all prepared for any kind of cyber-attack. Thus, in continuation to my previous articles, here, we will talk about who should be having access to a corporate network. And hence, the term “Network Access Control (NAC)” comes into the picture.

January 26, 2021 Read
Threat Intelligence

In our day to day lives, we keep hearing news about the data breach, accounts getting compromised, keeping our passwords stronger, and so on, what do all these remind us of??? Again, the same old thing, nothing is 100% secure. In the previous blog, I wrote about APT and inferred how such threats are compromising the organizations to a whole new level, and this is the reason why we are talking about threat intelligence.

December 27, 2020 Read
Advanced Persistent Threats

Working in a security domain for over 2 years, one thing that I keep realizing each day is nothing is 100% secure and we can never deny this fact. The more we strive for the security of an organization’s perimeter or boundary, the less we think about the internal network scenario of the same. Sometimes, some attacks, especially the zero-days, have already penetrated through the organization’s network and are sitting in the internal network, extracting the sensitive information of the organization one by one, and we are still unaware of it.

December 13, 2020 Read
A Short Comparison Between Solidity and Vyper

Smart contracts are made with the concept of bringing more applications of blockchain and not just sticking to being used for cryptocurrencies. They are just simple pieces of code adding logic to a problem to find the solution. Solidity is the very first programming language that is created for writing smart contracts for the Ethereum blockchain platform. And so is Vyper but vyper is not the first programming language but has been built recently.

November 15, 2020 Read
Zero Trust Security Model

Every day we come across a new kind of vulnerability or a zero-day attack on an application. It is quite known that nothing is 100% secure. We do observe different kinds of data breaches or accounts getting compromised. And this is something unacceptable. Every organization implements a new policy based on the recent hacks or threats, that they may or may not have suffered from. And of course, there has to be a long term solution to it.

November 2, 2020 Read