How to: Detect and prevent common data exfiltration attacks
Guest Post: Mitigate for APT threats with these best practices for detecting and preventing data exfiltration attacks.
Tag: How to
Threat hunting with Yara: The red pill approach
Guest Post: Learn how to combine Yara with other tools to have full control over the condition validation process.
How to properly interpret a traceroute or MTR
Guest Post: MTR is a useful tool for diagnosing packet loss.
Threat hunting with Yara: Dealing with wildcard hexadecimal patterns
Guest Post: Learn how to use Yara’s native hexadecimal pattern definition features to create fast rules with fewer false positives and no alarming nested loops.
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
Threat hunting with Yara: The three body problem
Guest Post: Get to know how to use Yara with real-life research problems — detecting code evolution and shellcodes.
Publishing IPv6 NTP servers with DHCPv6
Guest Post: Learn how to navigate through the relevant RFCs associated with publishing IPv6 NTP servers with DHCPv6.
How to analyse a cyber attack chain: A cyber drill scenario from BGD e-GOV CIRT
Guest Post: BGD e-GOV CIRT takes us through the steps of a recent Exchange cyber drill run for local financial institutions in Bangladesh.
How to: Employing network validation, part 2
Guest Post: Learn how to use open-source tools, Suzieq and Batfish, to validate and evaluate network automation processes.
Three of the best: How to
‘How to’ posts are a great way to learn how to use a new tool, troubleshoot problems, or perform advanced tasks. Here are three of 2021’s best.