Snatch Ransomware – Malware Analysis Case StudyOverview. During last month LIFARS DFIR Team encountered various variants of Snatch Ransomware. This ransomware is known for its capability... KNOWLEDGE CENTER Case Study Clipper AutoIt v2 LIFARS DFIR Team discovered QUILCLIPPER AutoIt Malware Qulab Stealer and Clipper malware Clipper AutoIt v2 – QUILCLIPPER AutoIt Malware July 1, 2020 Overview. During a recent engagement, the LIFARS DFIR Team discovered a sample of rare malware, which uses not very common techniques. It turns out that... Case Study Cryptocurrency Miners Threat Actors Use Targeted Attack XMRig-based CoinMiners by Blue Mockingbird group Cryptocurrency Miners – XMRig Based CoinMiner by Blue Mockingbird Group June 1, 2020 Since the end of March LIFARS DFIR team has observed an increase in the number of incidents related to Monero... Case Study LIFARS Pen Testing Team VPN Security VPN Solution Security Case Study VPN Solution Security Testing VPN Solution Security Testing April 30, 2020 In April, our client requested LIFARS Pen Testing Team to perform an authenticated black-box penetration test of the VPN solution... Case Study LIFARS Pen Testing Team LIFARS Tech Diary Session hijacking attack What is Session Hijacking? Session Hijacking – Case Study April 28, 2020 LIFARS frequently conducts penetration tests to ensure the effectiveness of our client’s security implementations and to evaluate whether their systems... Advanced Persistent Threat APT41 APT41 – A spy who steals or a thief who spies Case Study LIFARS Tech Diary nation-state actor becomes a cybercriminal Spy Who Encrypted Me APT41 – A spy who steals or a thief who spies April 21, 2020 APT41 – The Spy Who Encrypted Me. This case study is based on our most recent investigation into one of... Case Study Cyber Incident Response Tools Data Breach Response Incident Response Retainer LIFARS Tech Diary Osquery for Cyber Incident Response Osquery for Cyber Threat Detection and DFIR Osquery for Cyber Incident Response March 19, 2020 In this case study we demonstrate the use of Osquery framework for cyber security incident response.In this case study we... Case Study Extract used plaintext passwords How to Crack Password LIFARS Password Cracking Password Cracking Password Cracking Case Study LIFARS Password Cracking Case Study March 18, 2020 For this case study we extract used plaintext passwords from more than 1,500,000 cracked active directory hashes from LIFARS’ former... Case Study Technical Tools Voltaire - Open Source Tool for Cyber Incident Response What does Voltaire/Voila do? What is Voltaire/Voila? Voltaire – New Tool for Cyber Incident Response from LIFARS March 10, 2020 What is Voltaire/Voila? At LIFARS, we process memory images as part of our incident response process. In these cases, it... Case Study Cyber Resilience Experts internet facing infrastructure LIFARS Pen Testing Team Man-in-the-middle (MiTM) attacks NAC Bypass and ARP Spoofing NAC Bypass and ARP Spoofing – Case Study February 17, 2020 To ensure the effectiveness of our client’s security implementations LIFARS frequently conducts penetration tests evaluating their systems can hold up... Case Study Cisco and Fortinet Hacking Cisco Hacking Cyber Resilience Experts Fortinet FortiOS Fortinet Hacking penetration tests evaluating Cisco and Fortinet Hacking – Case Study February 9, 2020 To ensure the effectiveness of our client’s security implementations LIFARS frequently conducts penetration tests evaluating their systems can hold up... Case Study Cyber Resilience Experts Fortune 500 company implemented security measures Phishing Test send out phishing emails Case Study – Phishing Test January 29, 2020 Phishing test to ensure implemented security measures remain effective. LIFARS regularly conducts phishing tests, in addition to penetration tests to... Case Study Controlled folder access Defend against Ransomware Ransomware Attack Recovery Services Technical Guide Defend against Ransomware: Controlled Folder Access January 25, 2020 Ransomware has been a significant and serious threat to organizations. A successful attack not only causes a monetary loss but... APT groups Case Study compromise corporate networks cyberattacks against Western infrastructures state sponsored groups target critical infrastructures The Threat of Iranian Hackers The Threat of Iranian Hackers January 21, 2020 Based on the current tense situation in the world U.S elimination of the Iranian general associated with terrorist attacks there... Case Study External Penetration Test network penetration testing OWA and O365 Hacking OWA Security Vulnerability Penetration Testing Firm Outlook Web Application (OWA) and Office 365 (O365) Hacking January 17, 2020 LIFARS regularly conducts penetration tests to ensure the effectiveness of the security measures of our clients maintain strong and can... BitPaymer and DoppelPaymer campaign BitPaymer Ransomware Case Study Cyber Vaccines Dridex CyberVaccine LIFARS Tech Diary Malware Analysis of Dridex Ransomware fix Technical Guide Technical Tools what is cyber vaccine Ransomware Fix and Cyber Vaccines – Malware Analysis of Dridex, BitPaymer and DoppelPaymer campaign November 27, 2019 Threat actors are constantly working towards finding new and complex ways to deploy cyber-attacks. The affiliates behind Dridex initially used...
Snatch Ransomware – Malware Analysis Case StudyOverview. During last month LIFARS DFIR Team encountered various variants of Snatch Ransomware. This ransomware is known for its capability...
KNOWLEDGE CENTER Case Study Clipper AutoIt v2 LIFARS DFIR Team discovered QUILCLIPPER AutoIt Malware Qulab Stealer and Clipper malware Clipper AutoIt v2 – QUILCLIPPER AutoIt Malware July 1, 2020 Overview. During a recent engagement, the LIFARS DFIR Team discovered a sample of rare malware, which uses not very common techniques. It turns out that... Case Study Cryptocurrency Miners Threat Actors Use Targeted Attack XMRig-based CoinMiners by Blue Mockingbird group Cryptocurrency Miners – XMRig Based CoinMiner by Blue Mockingbird Group June 1, 2020 Since the end of March LIFARS DFIR team has observed an increase in the number of incidents related to Monero... Case Study LIFARS Pen Testing Team VPN Security VPN Solution Security Case Study VPN Solution Security Testing VPN Solution Security Testing April 30, 2020 In April, our client requested LIFARS Pen Testing Team to perform an authenticated black-box penetration test of the VPN solution... Case Study LIFARS Pen Testing Team LIFARS Tech Diary Session hijacking attack What is Session Hijacking? Session Hijacking – Case Study April 28, 2020 LIFARS frequently conducts penetration tests to ensure the effectiveness of our client’s security implementations and to evaluate whether their systems... Advanced Persistent Threat APT41 APT41 – A spy who steals or a thief who spies Case Study LIFARS Tech Diary nation-state actor becomes a cybercriminal Spy Who Encrypted Me APT41 – A spy who steals or a thief who spies April 21, 2020 APT41 – The Spy Who Encrypted Me. This case study is based on our most recent investigation into one of... Case Study Cyber Incident Response Tools Data Breach Response Incident Response Retainer LIFARS Tech Diary Osquery for Cyber Incident Response Osquery for Cyber Threat Detection and DFIR Osquery for Cyber Incident Response March 19, 2020 In this case study we demonstrate the use of Osquery framework for cyber security incident response.In this case study we... Case Study Extract used plaintext passwords How to Crack Password LIFARS Password Cracking Password Cracking Password Cracking Case Study LIFARS Password Cracking Case Study March 18, 2020 For this case study we extract used plaintext passwords from more than 1,500,000 cracked active directory hashes from LIFARS’ former... Case Study Technical Tools Voltaire - Open Source Tool for Cyber Incident Response What does Voltaire/Voila do? What is Voltaire/Voila? Voltaire – New Tool for Cyber Incident Response from LIFARS March 10, 2020 What is Voltaire/Voila? At LIFARS, we process memory images as part of our incident response process. In these cases, it... Case Study Cyber Resilience Experts internet facing infrastructure LIFARS Pen Testing Team Man-in-the-middle (MiTM) attacks NAC Bypass and ARP Spoofing NAC Bypass and ARP Spoofing – Case Study February 17, 2020 To ensure the effectiveness of our client’s security implementations LIFARS frequently conducts penetration tests evaluating their systems can hold up... Case Study Cisco and Fortinet Hacking Cisco Hacking Cyber Resilience Experts Fortinet FortiOS Fortinet Hacking penetration tests evaluating Cisco and Fortinet Hacking – Case Study February 9, 2020 To ensure the effectiveness of our client’s security implementations LIFARS frequently conducts penetration tests evaluating their systems can hold up... Case Study Cyber Resilience Experts Fortune 500 company implemented security measures Phishing Test send out phishing emails Case Study – Phishing Test January 29, 2020 Phishing test to ensure implemented security measures remain effective. LIFARS regularly conducts phishing tests, in addition to penetration tests to... Case Study Controlled folder access Defend against Ransomware Ransomware Attack Recovery Services Technical Guide Defend against Ransomware: Controlled Folder Access January 25, 2020 Ransomware has been a significant and serious threat to organizations. A successful attack not only causes a monetary loss but... APT groups Case Study compromise corporate networks cyberattacks against Western infrastructures state sponsored groups target critical infrastructures The Threat of Iranian Hackers The Threat of Iranian Hackers January 21, 2020 Based on the current tense situation in the world U.S elimination of the Iranian general associated with terrorist attacks there... Case Study External Penetration Test network penetration testing OWA and O365 Hacking OWA Security Vulnerability Penetration Testing Firm Outlook Web Application (OWA) and Office 365 (O365) Hacking January 17, 2020 LIFARS regularly conducts penetration tests to ensure the effectiveness of the security measures of our clients maintain strong and can... BitPaymer and DoppelPaymer campaign BitPaymer Ransomware Case Study Cyber Vaccines Dridex CyberVaccine LIFARS Tech Diary Malware Analysis of Dridex Ransomware fix Technical Guide Technical Tools what is cyber vaccine Ransomware Fix and Cyber Vaccines – Malware Analysis of Dridex, BitPaymer and DoppelPaymer campaign November 27, 2019 Threat actors are constantly working towards finding new and complex ways to deploy cyber-attacks. The affiliates behind Dridex initially used...
Case Study Clipper AutoIt v2 LIFARS DFIR Team discovered QUILCLIPPER AutoIt Malware Qulab Stealer and Clipper malware Clipper AutoIt v2 – QUILCLIPPER AutoIt Malware July 1, 2020 Overview. During a recent engagement, the LIFARS DFIR Team discovered a sample of rare malware, which uses not very common techniques. It turns out that...
Case Study Cryptocurrency Miners Threat Actors Use Targeted Attack XMRig-based CoinMiners by Blue Mockingbird group Cryptocurrency Miners – XMRig Based CoinMiner by Blue Mockingbird Group June 1, 2020 Since the end of March LIFARS DFIR team has observed an increase in the number of incidents related to Monero...
Case Study LIFARS Pen Testing Team VPN Security VPN Solution Security Case Study VPN Solution Security Testing VPN Solution Security Testing April 30, 2020 In April, our client requested LIFARS Pen Testing Team to perform an authenticated black-box penetration test of the VPN solution...
Case Study LIFARS Pen Testing Team LIFARS Tech Diary Session hijacking attack What is Session Hijacking? Session Hijacking – Case Study April 28, 2020 LIFARS frequently conducts penetration tests to ensure the effectiveness of our client’s security implementations and to evaluate whether their systems...
Advanced Persistent Threat APT41 APT41 – A spy who steals or a thief who spies Case Study LIFARS Tech Diary nation-state actor becomes a cybercriminal Spy Who Encrypted Me APT41 – A spy who steals or a thief who spies April 21, 2020 APT41 – The Spy Who Encrypted Me. This case study is based on our most recent investigation into one of...
Case Study Cyber Incident Response Tools Data Breach Response Incident Response Retainer LIFARS Tech Diary Osquery for Cyber Incident Response Osquery for Cyber Threat Detection and DFIR Osquery for Cyber Incident Response March 19, 2020 In this case study we demonstrate the use of Osquery framework for cyber security incident response.In this case study we...
Case Study Extract used plaintext passwords How to Crack Password LIFARS Password Cracking Password Cracking Password Cracking Case Study LIFARS Password Cracking Case Study March 18, 2020 For this case study we extract used plaintext passwords from more than 1,500,000 cracked active directory hashes from LIFARS’ former...
Case Study Technical Tools Voltaire - Open Source Tool for Cyber Incident Response What does Voltaire/Voila do? What is Voltaire/Voila? Voltaire – New Tool for Cyber Incident Response from LIFARS March 10, 2020 What is Voltaire/Voila? At LIFARS, we process memory images as part of our incident response process. In these cases, it...
Case Study Cyber Resilience Experts internet facing infrastructure LIFARS Pen Testing Team Man-in-the-middle (MiTM) attacks NAC Bypass and ARP Spoofing NAC Bypass and ARP Spoofing – Case Study February 17, 2020 To ensure the effectiveness of our client’s security implementations LIFARS frequently conducts penetration tests evaluating their systems can hold up...
Case Study Cisco and Fortinet Hacking Cisco Hacking Cyber Resilience Experts Fortinet FortiOS Fortinet Hacking penetration tests evaluating Cisco and Fortinet Hacking – Case Study February 9, 2020 To ensure the effectiveness of our client’s security implementations LIFARS frequently conducts penetration tests evaluating their systems can hold up...
Case Study Cyber Resilience Experts Fortune 500 company implemented security measures Phishing Test send out phishing emails Case Study – Phishing Test January 29, 2020 Phishing test to ensure implemented security measures remain effective. LIFARS regularly conducts phishing tests, in addition to penetration tests to...
Case Study Controlled folder access Defend against Ransomware Ransomware Attack Recovery Services Technical Guide Defend against Ransomware: Controlled Folder Access January 25, 2020 Ransomware has been a significant and serious threat to organizations. A successful attack not only causes a monetary loss but...
APT groups Case Study compromise corporate networks cyberattacks against Western infrastructures state sponsored groups target critical infrastructures The Threat of Iranian Hackers The Threat of Iranian Hackers January 21, 2020 Based on the current tense situation in the world U.S elimination of the Iranian general associated with terrorist attacks there...
Case Study External Penetration Test network penetration testing OWA and O365 Hacking OWA Security Vulnerability Penetration Testing Firm Outlook Web Application (OWA) and Office 365 (O365) Hacking January 17, 2020 LIFARS regularly conducts penetration tests to ensure the effectiveness of the security measures of our clients maintain strong and can...
BitPaymer and DoppelPaymer campaign BitPaymer Ransomware Case Study Cyber Vaccines Dridex CyberVaccine LIFARS Tech Diary Malware Analysis of Dridex Ransomware fix Technical Guide Technical Tools what is cyber vaccine Ransomware Fix and Cyber Vaccines – Malware Analysis of Dridex, BitPaymer and DoppelPaymer campaign November 27, 2019 Threat actors are constantly working towards finding new and complex ways to deploy cyber-attacks. The affiliates behind Dridex initially used...
