Cybersecurity

How a SOC can efficiently manage priorities when writing detection logic for various MITRE ATT&CK techniques and what tools can help.

Kaspersky experts conducted a study of password resistance to attacks that use brute force and smart guessing techniques.

This is the first part of the research, devoted to null session vulnerability, unauthorized MS-RPC interface and domain user enumeration.

Our Security assessment team set up rankings that reflected our take on the most widespread and critical web application vulnerabilities as viewed through a prism of eight years’ experience.

I identified several signs of attacks that use forged certificates inside the network and developed a Proof-of-Concept utility capable of finding artifacts in AD, as well as a number of detection logic rules that can be added to SIEM.

This paper aims to provide guidance for organizations looking to select an MSSP and help to identify the benefits and drawbacks of using an MSSP.

How do we ensure the services being provided by SOCs are meeting expectations? How do we know continuous improvement is being incorporated in daily operations? The answer lies in the measurement of SOC internal processes and services.

Incident response playbooks help optimize the SOC processes, and are a major step forward to SOC maturity, but can be challenging for a company to develop. In this article, I want to share some insights on how to create the (almost) perfect playbook.

How deals and arrangements are made on the dark web, what parties are involved, what escrow services and arbitration are and how these affect the security of deals.

We decided to check what ChatGPT already knows about threat research and whether it can help with identifying simple adversary tools and classic indicators of compromise, such as well-known malicious hashes and domains.

What is the analyst on a penetration testing team, what role they perform at Kaspersky, and why is their job vital to the success of the project?

We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks like.

A common perception in the infosec community is that there can never be too much security, but it is understood that “too much” security is expensive — and sometimes, prohibitively so — from a business perspective. So, where is that fine line that defines “just enough” security?

Brief introduction to setting up Ghidra, and then configuring it with a familiar UI and shortcuts, so that you would not need to re-learn all the key sequences you have got used to over the years.

How exactly can indicators of compromise help information security specialists in their everyday work? To find the answer we asked three Kaspersky experts to share their experience.