Wireshark Investigation: Deciphering IcedID Malware Communications
Explore IcedID malware analysis with Wireshark: Uncover risks, hands-on investigation tips, and cybersecurity defenses in this in-depth blog post.
Explore IcedID malware analysis with Wireshark: Uncover risks, hands-on investigation tips, and cybersecurity defenses in this in-depth blog post.
Introduction Hello, and thank you for joining me in my latest blog entry! Today, we’re exploring an intriguing Security Operations Center (SOC) Alert from LetsDefend, a platform celebrated for its innovative approach to cybersecurity training. LetsDefend excels in providing a hands-on learning environment, offering simulated settings and authentic scenarios. This approach is essential for cybersecurity …
Read more “SOC Alert Analysis: Phishing Mail Detected – Excel 4.0 Macros”
Introduction Welcome back! In today’s session, we’re embarking on an insightful case study to understand the malicious workings of malware through the lens of Wireshark’s advanced features. Our focus will be on the “SteelCoffee” traffic analysis exercise from malware-traffic-analysis.net. If you’re eager to engage hands-on, feel free to download the PCAP and alert files related …
Read more “Wireshark Investigation: Tracing the Digital Footprint of ‘SteelCoffee’”
Introduction Welcome back! Today, we’re diving into a practical case study to examine and comprehend the sinister operations of malware, utilizing the dynamic capabilities of Wireshark. Our focus will be on analyzing the “Email Roulette” traffic analysis exercise from malware-traffic-analysis.net. For those who are keen to participate actively with their own setups, you’re encouraged to …
Read more “Wireshark Investigation: A Comprehensive Exploration of ‘Email Roulette’”
Embark on a journey through the complex landscape of network security with our in-depth Wireshark tutorial. I break down the “Turkey and Defense” exercise from malware-traffic-analysis.net, providing a step-by-step analysis to identify, understand, and combat cyber threats. Sharpen your skills in packet dissection and elevate your understanding of malware traffic for stronger cybersecurity defenses.
Welcome to part four of my in-depth guide on configuring a Virtual Home Lab specifically for Blue Team Security. In this section, our primary focus will be on Security Onion. If you haven’t yet explored the preceding tutorial, which discusses the installation of pfSense in detail, I strongly suggest taking a look for a holistic …
Read more “Virtual Home Lab for Blue Team Security – Security Onion Setup – Section 4”
This is the second part of my Virtual Home Lab for Blue Team Security tutorial. If you would like to review the pervious introduction section of this blog series, please click here. Introduction In the previous section of this blog series, I reviewed the hardware recommendations for the implementation of this virtual home lab environment. …
Read more “Virtual Home Lab for Blue Team Security – Network Topology – Section 2”
Introduction to Nmap Nmap, short for Network Mapper, is an open-source tool that is used for network scanning and security auditing. It is a widely used tool that is considered to be essential by many cybersecurity professionals, network administrators, and ethical hackers. The primary purpose of Nmap is to discover hosts and services on a …