The world of cybersecurity is brimming with acronyms, each representing a technology or process crucial for safeguarding your organization’s data and systems. But for those new to the field, navigating this alphabet soup can be daunting. This blog post aims to demystify four key terms: XDR (Extended Detection and Response), EDR (Endpoint Detection and Response),
Continue reading “Untangling the Security Acronym Soup: XDR, EDR, SIEM, and SOAR.”
Category Archives: Security
Pass-the-Hash (PtH) Attack
Once an attacker or a malicious user acquires a password hash, it is not necessary to crack it to gain access to the resource; the hash can be passed as it is. In a pass-the-hash attack, an attacker steals a user’s password hash (a one-way, encrypted representation of the password) instead of the actual
Continue reading “Pass-the-Hash (PtH) Attack”
Cracking the Rainbow: Understanding Rainbow Table Attacks
Imagine a treasure chest overflowing with colorful chains, each a link to a secret password. That’s essentially the concept behind a rainbow table attack, a method hackers use to crack stolen password hashes. Here’s the breakdown.
Rainbow Table Attack Example (Hypothetical Scenario): Download a sample rainbow table or create rainbow tables using rainbowcrack. Since hashes
Continue reading “Cracking the Rainbow: Understanding Rainbow Table Attacks”
Windows and Secure authentication mechanism
Storage of Password Hashes
Windows does not store passwords in plaintext; instead, it stores hashed versions of passwords. However, Windows does not use MD5 for password hashing. Instead, it uses NTLM (NT LAN Manager) hashes, specifically: NTLM (NT LAN Manager) has been used in various versions of Windows for network authentication, including: NTLM continues to
Continue reading “Windows and Secure authentication mechanism”
Brute Force Password Attacks
Brute force password attacks are a common method used by cybercriminals to gain unauthorized access to systems, accounts, or sensitive data. This type of attack involves systematically trying all possible combinations of passwords until the correct one is found. The process, although time-consuming, can be highly effective, especially against weak or commonly used passwords.
Mechanism
Continue reading “Brute Force Password Attacks”
DDoS: Wireshark Packet analysis for an Internal Attack
In the wake of a DDoS attack originating internally within a network, swift identification of the source is crucial for mitigating the threat and restoring normal operations. Leveraging Wireshark as an analysis tool can be instrumental in this process. Upon encountering suspicious network activity, initiate Wireshark to capture packets for analysis. You can achieve this
Continue reading “DDoS: Wireshark Packet analysis for an Internal Attack”
DDoS Attack: An Analysis with Wireshark
Distributed Denial of Service (DDoS) attacks have become a prevalent threat in the digital landscape, disrupting online services and causing significant downtime. To safeguard against these attacks, network administrators and cybersecurity professionals employ various tools and techniques. In this article, we’ll explore how Wireshark, a widely-used network protocol analyzer, can be utilized to analyze and
Continue reading “DDoS Attack: An Analysis with Wireshark”
Network Access Control
Identity and access management (IAM) is key to ensuring the security of an enterprise network. Threats originating from the outside are dealt with by the firewall, but for an enterprise, threats originating internally show no sign of slowing. This first-part article will shed some light on internal threats and recommend baby steps to secure the infrastructure. Most
Continue reading “Network Access Control”