Blogs

How Cyberseer detect Burpsuite using the Darktrace Published: 5th August Burpsuite is a graphical tool for testing Web application security and vulnerabilities that can be used for penetration testing. It’s a framework which allows an adversary not only to carry out reconnaissance but also gives them the ability to intercept ...

Why is visibility so important in today’s new norm of remote working? Published: 8th July In the wake of COVID-19 we now have new breeds of remote workers. Businesses have always had a small proportion of remote workers however, pre COVID-19 these were normally field based personnel connecting to specific ...

Discoveries made by the Cyberseer SOC Published: 8th July RIG Exploit Kit (RigEK) Industry Sector: Financial Threat source: External Cyberseer utilises machine learning models to detect a device behaving abnormally. Analysts monitoring for this activity discovered a corporate device beaconing to a newly generated domain. The suspect device was being ...

What are Cloud Security and Posture Management tools? Published 24th June 2020 Gartner had in its report published in early 2019, recommended that security leaders invest in cloud security and posture management tools to identify and remediate the risks of misconfiguration, mismanagement, and mistakes. Enterprises have since then started focusing ...

Securing the Cloud Infrastructure: Native vs Cloud Control Published 23rd June Despite the rise of cloud security breaches, enterprises fail to understand the need to implement a future proof cloud security solution. Two questions we are constantly asked are: Cloud is secure by default then why Cloud Control? My cloud ...

Google Chronicle: The forward-thinking solution for threat hunting Chronicle is a new threat hunting platform, developed by Google. Leveraging Google, Cloud and Threat Feed technologies it provides analysts the ability to deep dive into accessible and enriched logs. It gives companies 12 months of hot storage with sub-second search ability. ...

De stress your security staff with an advanced SOC? Published: 9th February 2020 Many factors affect the ability for and organisation to remain secure, including an exponential increase in log data due to the adoption of cloud operating models, endpoint monitoring and more reliance being placed on online applications. The ...

8 Reasons for Detecting & Investigating Security Incidents with a Managed Security Provider The threat landscape is continually evolving affecting all types of business that embrace and rely on technology to continue their day to day operations. The explosion of cloud-based applications and services coupled with initiatives such as Bring ...

Detecting Emotet Malspam​ Introduction to Emotet Malspam Recently, one of Cyberseer’s customer’s was hit with a “Malspam” campaign aiming to plant the Emotet malware within its network.  The original e-mail was sent to a distribution group which quickly escalated the situation. As this was a new campaign for that day, ...