The Rising of Protestware During Times of War

In the ever-evolving landscape of cybersecurity threats, a disconcerting phenomenon has emerged, challenging the conventional notions of malicious software. Enter “protestware” — a term that sends shivers down the spines of cybersecurity experts and individuals alike. Unlike traditional malware, protestware isn’t designed with the sole purpose of exploiting vulnerabilities or stealing sensitive information. Instead, it […]

Understanding and Defending Against Microsoft 365 Attacks

As the use of Microsoft 365 continues to grow, cyber attackers are increasingly targeting its cloud-based infrastructure. In this extensive post, we will delve into the realm of new Microsoft 365 attacks, exploring the attackers’ methods of gaining persistence within the Microsoft 365 cloud, and provide detailed countermeasures and best practices to enhance your organization’s […]

Malware Persistence Locations: Windows and Linux

Malware persistence is a crucial aspect of cyber threats that often goes unnoticed by unsuspecting users. In the realm of cybersecurity, it refers to the ability of malicious software to establish a foothold on a targeted system, allowing it to maintain its presence over an extended period. This persistence is achieved through various covert techniques, […]

Leading the uncertainty: the decision-driven approach

Many of my readers know me as a cybersecurity expert. More than 12 years of blogging on “security stuff”, malware analyses, cyber attack attributions, new tools and a personal (public here) cybersecurity observatory contributed a lot to push me into this specific direction. However, during the past 10 years I did play many different roles. […]

2023 Breaches and Incidents: Personal Notes

Introduction: In today’s digital landscape, the prevalence of cyber threats and incidents has become a significant concern for individuals, organizations, and governments alike. I have had the opportunity to explore numerous vendor reports in the past months and gain insights into the evolving nature of breaches and incidents. Through my research, I have discovered a […]

Polymorphic Malware Using #AI

In the ever-evolving landscape of cybersecurity, malicious actors constantly seek new ways to infiltrate computer systems, wreak havoc, and exploit vulnerabilities. One of their most insidious tools is polymorphic malware, a shape-shifting threat that challenges traditional defense mechanisms and poses a formidable challenge to organizations and individuals alike. In this blog post I will investigate […]

The Relevance of Prompts in AI and Cybersecurity

Introduction to Prompting: Artificial Intelligence (AI) has become an increasingly popular topic in recent years due to its potential to revolutionize various industries. The ability to automate tasks, analyze vast amounts of data, and make predictions has made AI a valuable tool for businesses and researchers alike. However, developing effective AI systems can be a […]

Many Generative Pre-Trained Transformer (GPT): a pragmatic evaluation.

Artificial intelligence (AI) is a rapidly evolving field that involves the development of intelligent machines that can perform tasks that typically require human intelligence, such as visual perception, speech recognition, decision-making, and language translation. AI has the potential to revolutionize the way we work and live, with the ability to automate tasks and processes, increase […]
