SOC Alert Analysis: Phishing Mail Detected – Excel 4.0 Macros

Introduction: Hello, and thank you for joining me in my latest blog entry! Today, we’re exploring an intriguing Security Operations Center (SOC) Alert from LetsDefend, a platform celebrated for its innovative approach to cybersecurity training. LetsDefend excels in providing a hands-on learning environment, offering simulated settings and authentic scenarios. This approach is essential for cybersecurity …

Wireshark Investigation: Tracing the Digital Footprint of ‘SteelCoffee’

Introduction: Welcome back! In today’s session, we’re embarking on an insightful case study to understand the malicious workings of malware through the lens of Wireshark’s advanced features. Our focus will be on the “SteelCoffee” traffic analysis exercise from malware-traffic-analysis.net. If you’re eager to engage hands-on, feel free to download the PCAP and alert files related …

Wireshark Investigation: A Comprehensive Exploration of ‘Email Roulette’

Introduction: Welcome back! Today, we’re diving into a practical case study to examine and comprehend the sinister operations of malware, utilizing the dynamic capabilities of Wireshark. Our focus will be on analyzing the “Email Roulette” traffic analysis exercise from malware-traffic-analysis.net. For those who are keen to participate actively with their own setups, you’re encouraged to …

Wireshark Investigation: Analyzing ‘Turkey and Defense’ Network Traffic

Embark on a journey through the complex landscape of network security with our in-depth Wireshark tutorial. I break down the “Turkey and Defense” exercise from malware-traffic-analysis.net, providing a step-by-step analysis to identify, understand, and combat cyber threats. Sharpen your skills in packet dissection and elevate your understanding of malware traffic for stronger cybersecurity defenses.

Virtual Home Lab for Blue Team Security – Security Onion Setup – Section 4

Welcome to part four of my in-depth guide on configuring a Virtual Home Lab specifically for Blue Team Security. In this section, our primary focus will be on Security Onion. If you haven’t yet explored the preceding tutorial, which discusses the installation of pfSense in detail, I strongly suggest taking a look for a holistic …


Virtual Home Lab for Blue Team Security – Network Topology – Section 2

This is the second part of my Virtual Home Lab for Blue Team Security tutorial. If you would like to review the previous introduction section of this blog series, please click here. Introduction: In the previous section of this blog series, I reviewed the hardware recommendations for the implementation of this virtual home lab environment. …

Basic Nmap Commands and Scanning Techniques

Introduction to Nmap: Nmap, short for Network Mapper, is an open-source tool that is used for network scanning and security auditing. It is a widely used tool that is considered to be essential by many cybersecurity professionals, network administrators, and ethical hackers. The primary purpose of Nmap is to discover hosts and services on a …