Tag: dfir

Dfir

Detecting Lateral Movement through tracking Windows Events

A research by Japan Computer Emergency Response Team   With “lateral movement’ we identify the techniques that enable an adversary to access and control remote systems on a network: an attacker can use lateral movement for many purposes, including remote execution of tools, pivoting to additional systems, access to specific information or files, access to additional […]

Cybersecurity, Malware Analysis

The ‘HoeflerText’ font wasn’t found? Beware, it’s a trap!

A new malware campaign targets Chrome users NeoSmart Technologies recently identified a malicious campaign that spreads through legitimate, but compromised, websites: Today while browsing a (compromised) WordPress site that shall remain unnamed, I came across a very interesting “hack” that was pulled off with a bit more finesse than most of the drive-by-infection attempts.