As the use of Microsoft 365 continues to grow, cyber attackers are increasingly targeting its cloud-based infrastructure. In this extensive post, we will delve into the realm of new Microsoft 365 attacks, exploring the attackers’ methods of gaining persistence within the Microsoft 365 cloud, and provide detailed countermeasures and best practices to enhance your organization’s […] Read more: "Understanding and Defending Against Microsoft 365 Attacks"
Malware persistence is a crucial aspect of cyber threats that often goes unnoticed by unsuspecting users. In the realm of cybersecurity, it refers to the ability of malicious software to establish a foothold on a targeted system, allowing it to maintain its presence over an extended period. This persistence is achieved through various covert techniques, […] Read more: "Malware Persistence Locations: Windows and Linux"
Many of my readers know me as a cybersecurity expert. More than 12 years of blogging on “security stuff”, malware analyses, cyber attack attributions, new tools and a personal (public here) cybersecurity observatory contributed a lot to pushing me in this specific direction. However, during the past 10 years I did play many different roles. […] Read more: "Leading the uncertainty: the decision-driven approach"
Introduction. In today’s digital landscape, the prevalence of cyber threats and incidents has become a significant concern for individuals, organizations, and governments alike. I have had the opportunity to explore numerous vendor reports in the past months and gain insights into the evolving nature of breaches and incidents. Through my research, I have discovered a […] Read more: "2023 Breaches and Incidents: Personal Notes"
In the ever-evolving landscape of cybersecurity, malicious actors constantly seek new ways to infiltrate computer systems, wreak havoc, and exploit vulnerabilities. One of their most insidious tools is polymorphic malware, a shape-shifting threat that challenges traditional defense mechanisms and poses a formidable challenge to organizations and individuals alike. In this blog post I will investigate […] Read more: "Polymorphic Malware Using #AI"
Introduction to Prompting. Artificial Intelligence (AI) has become an increasingly popular topic in recent years due to its potential to revolutionize various industries. The ability to automate tasks, analyze vast amounts of data, and make predictions has made AI a valuable tool for businesses and researchers alike. However, developing effective AI systems can be a […] Read more: "The Relevance of Prompts in AI and Cybersecurity"
During talks and presentations people often ask me how I remember so many names, different “artifacts” (a.k.a. malware) and groups. I actually ended up with a “hemmm … well… actually I just remember them since I read and write a lot about cyber threats”. So here comes the Malware Family CheatSheet. This work […] Read more: "Malware Families CheatSheet"
Introduction. ChatGPT, or more generally speaking OpenAI, is an incredible tool. It is a spectacular instrument helping people in many different fields: it helps people to summarize text, to produce poems, to build images and music, to answer difficult questions and to automate complex processes. So I decided to dedicate an entire blog post to […] Read more: "Threat Actors Sheets: OpenAI Generated !"
During the past 4 months the Microsoft OneNote file format has been (ab)used as a malware carrier by different criminal groups. While the main infection vector is still on the email side – so nothing really relevant to write on – the techniques used, the templates and the code implemented to inoculate malware changed a lot. So it […] Read more: "Onenote Malware: Classification and Personal Notes"