The number of cyber-attacks grows every day. New and complex threats appear constantly, and cybercriminals use clever tricks to bypass existing security technologies. Traditional solutions such as antivirus, firewalls and intrusion prevention systems are no longer enough on their own, so organisations have recently turned to threat intelligence (TI) systems to protect their data.
Johnny Appleseed shared the article “Basics of Windows Incident Response”.
Not long ago a post revealed that some advanced malware can detect a virtual environment such as a sandbox in order to avoid detection and analysis. Because some threats can also detect the monitoring tools used for malware analysis, such malware simply refuses to run, so that it appears harmless. A quick proof of concept (POC) was created to demonstrate the defensive tactic this enables: some malware checks for a mutex or a registry key before running (a previous version of Locky did this), so creating that artefact in advance can stop the malware from executing.
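The following PowerShell script is an added example that is not part of the original post or of the POC it mentions. It shows the "vaccination" idea described above: create, before infection, the named mutex and the registry marker that a malware family checks for, so that the check succeeds and the sample refuses to run. The mutex name, registry path and value name used here are hypothetical placeholders; a real deployment would substitute the exact artefacts documented for the family of interest (which this page does not list).

```powershell
<#
  Added example, not from the original post.
  "Vaccinates" a Windows host by pre-creating the artefacts some malware
  checks before running: a named mutex and a registry marker.
  All names below are HYPOTHETICAL placeholders; replace them with the
  artefacts a specific family is known to check.
#>
param(
    # Hypothetical mutex names; a real list comes from your own analysis.
    [string[]]$MutexNames = @('Global\Example_Infection_Marker'),
    # Hypothetical registry marker.
    [string]$RegistryPath = 'HKCU:\Software\ExampleVaccine',
    [string]$RegistryValue = 'Installed',
    # A mutex only exists while a process holds it; keep this script alive
    # (or run it as a service / scheduled task) if the mutex must persist.
    [switch]$KeepAlive
)

$heldMutexes = @()

foreach ($name in $MutexNames) {
    $createdNew = $false
    # Mutex(initiallyOwned, name, out createdNew). If createdNew is $false the
    # mutex already existed, which on a clean host is itself worth investigating
    # because it may mean the malware (or another vaccine) is already running.
    $mutex = New-Object System.Threading.Mutex($false, $name, [ref]$createdNew)
    if ($createdNew) {
        Write-Host "Created mutex $name"
    } else {
        Write-Warning "Mutex $name already existed before this script ran"
    }
    # Keep a reference so the handle is not released by garbage collection.
    $heldMutexes += $mutex
}

# Registry marker: idempotent create-or-update of a DWORD value.
if (-not (Test-Path $RegistryPath)) {
    New-Item -Path $RegistryPath -Force | Out-Null
}
Set-ItemProperty -Path $RegistryPath -Name $RegistryValue -Value 1 -Type DWord
Write-Host "Set $RegistryPath\$RegistryValue = 1"

# Verification: confirm the marker is readable the way a sample would read it.
$check = Get-ItemProperty -Path $RegistryPath -Name $RegistryValue -ErrorAction SilentlyContinue
if ($null -eq $check -or $check.$RegistryValue -ne 1) {
    Write-Error "Registry marker was not written correctly"
    exit 1
}

if ($KeepAlive) {
    Write-Host "Holding mutex handle(s); press Ctrl+C to release"
    while ($true) { Start-Sleep -Seconds 60 }
} else {
    Write-Host "Exiting: mutex handle(s) are released now; the registry marker persists"
}
```

Two caveats a practitioner should keep in mind. First, a mutex vanishes when the creating process exits, so only the registry marker survives this script unless `-KeepAlive` (or a service) holds the handle. Second, the technique only works against samples that check exactly these artefacts; a new build of the same family can change the names, so this is a cheap additional layer, not a replacement for the detection and monitoring the section above discusses.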
Thomas Reed, in his blog, discusses new Mac malware seen in 2017. It drew his attention because it had not been encountered before. On the surface the malware was extremely simple, consisting of only two files.
John Pauling published a rebuttal of the article titled “Cloud is evil …”. In his post he goes through each of the article's claims from his own point of view and his extensive DFIR experience with AWS (and, to some extent, Azure). He describes his opinion of, and experience with, each claim in detail; you can view it here.