SOC Alert Analysis: Possible IDOR Attack Detected

Introduction Hello, and thank you for joining me in my latest blog entry! Today, we’re delving deep into a particularly intriguing Security Operations Center (SOC) Alert from LetsDefend, a platform renowned for its forward-thinking approach to cybersecurity training. LetsDefend stands out in the crowded field of cybersecurity with its commitment to providing a hands-on, immersive …

SOC Alert Analysis: Phishing Mail Detected – Excel 4.0 Macros

Introduction Hello, and thank you for joining me in my latest blog entry! Today, we’re exploring an intriguing Security Operations Center (SOC) Alert from LetsDefend, a platform celebrated for its innovative approach to cybersecurity training. LetsDefend excels in providing a hands-on learning environment, offering simulated settings and authentic scenarios. This approach is essential for cybersecurity …

Wireshark Investigation: Tracing the Digital Footprint of ‘SteelCoffee’

Introduction Welcome back! In today’s session, we’re embarking on an insightful case study to understand the malicious workings of malware through the lens of Wireshark’s advanced features. Our focus will be on the “SteelCoffee” traffic analysis exercise from malware-traffic-analysis.net. If you’re eager to engage hands-on, feel free to download the PCAP and alert files related …

SOC Alert Analysis: Possible SQL Injection Payload Detected

Introduction Hello and welcome to my latest blog post! In today’s article, I’ll be delving into an intriguing SOC (Security Operations Center) Alert from LetsDefend, a renowned platform known for its innovative approach to cybersecurity training. LetsDefend offers a hands-on learning experience, providing simulated environments and realistic scenarios that help cybersecurity professionals hone their skills …

Wireshark Investigation: A Comprehensive Exploration of ‘Email Roulette’

Introduction Welcome back! Today, we’re diving into a practical case study to examine and comprehend the sinister operations of malware, utilizing the dynamic capabilities of Wireshark. Our focus will be on analyzing the “Email Roulette” traffic analysis exercise from malware-traffic-analysis.net. For those who are keen to participate actively with their own setups, you’re encouraged to …

Wireshark Investigation: Analyzing ‘Turkey and Defense’ Network Traffic

Embark on a journey through the complex landscape of network security with our in-depth Wireshark tutorial. I break down the “Turkey and Defense” exercise from malware-traffic-analysis.net, providing a step-by-step analysis to identify, understand, and combat cyber threats. Sharpen your skills in packet dissection and elevate your understanding of malware traffic for stronger cybersecurity defenses.

Virtual Home Lab for Blue Team Security – Security Onion Setup – Section 4

Welcome to part four of my in-depth guide on configuring a Virtual Home Lab specifically for Blue Team Security. In this section, our primary focus will be on Security Onion. If you haven’t yet explored the preceding tutorial, which discusses the installation of pfSense in detail, I strongly suggest taking a look for a holistic …