Articles - Cybersec Sentinel

Articles

A collection of 9 posts

Detect IOCs with YARA on Ubuntu and Windows

Detect IOCs with YARA on Ubuntu and Windows

YARA is one of the most versatile and powerful tools in the arsenal of security engineers and malware analysts. Whether you're defending Windows fleets or Linux servers, mastering YARA means being able to rapidly scan, classify, and hunt down malicious files and patterns based on known indicators of

The AI Deception: How Poisoned LLMs Can Trigger System Outages

The AI Deception: How Poisoned LLMs Can Trigger System Outages

Large Language Models (LLMs), a type of AI model, are rapidly changing the landscape of cybersecurity. These sophisticated algorithms can analyse vast amounts of data, identify patterns, and generate responses with remarkable accuracy. However, this reliance on AI also introduces new vulnerabilities. One of the most concerning is the potential

Privileged Access Tools Are Not Enough to Secure Your Systems

Privileged Access Tools Are Not Enough to Secure Your Systems

Privileged accounts form the backbone of IT systems, granting elevated access to critical resources and sensitive data. Tools such as Entra ID Privileged Identity Management (PIM), CyberArk, BeyondTrust, and Delinea (formerly Thycotic) are essential components of Privileged Access Management (PAM), offering capabilities like password vaulting, session monitoring, and just-in-time (JIT)

Staying Ahead of Cyber Threats with Proactive Exposure Management

Staying Ahead of Cyber Threats with Proactive Exposure Management

Overview As organisations face an increasingly complex and evolving threat landscape, proactive cybersecurity measures have become critical. This article explores Proactive Exposure Management, a forward-looking strategy that leverages artificial intelligence (AI) and advanced technologies to identify, assess, and mitigate potential security risks before they can be exploited. By adopting this

Continuous Threat Exposure Management (CTEM): A Detailed Guide for Cybersecurity Defence

How To's Featured

Continuous Threat Exposure Management (CTEM): A Detailed Guide for Cybersecurity Defence

CTEM is a proactive cybersecurity approach that continuously monitors, assesses, and mitigates threats like ransomware and data breaches. It enhances risk prioritisation, compliance, and cost efficiency while staying updated with evolving cyber threats through advisories.

Staying Ahead of AI-Driven Cyber Threats with a Multi-Layered Defense Approach

Staying Ahead of AI-Driven Cyber Threats with a Multi-Layered Defense Approach

Introduction: The Rise of AI-Generated Malware As artificial intelligence (AI) continues to evolve, its applications in the field of cybersecurity have become a double-edged sword. On one side, AI enhances the capabilities of defense systems, helping organizations detect, prevent, and mitigate threats faster than ever before. On the other side,

Mitre ATT&CK Framework Simplified: Understanding Cyber Threats

Mitre ATT&CK Framework Simplified: Understanding Cyber Threats

Contents * Introduction * The Foundations of ATT&CK * Why the ATT&CK Framework Matters * In-Depth Exploration of ATT&CK Components * The ATT&CK Matrix Explained * Applying the ATT&CK Framework * Real-World Scenarios and Case Studies * Understanding ATT&CK for Young Minds * The Future of ATT&

Configuring FIDO2 Keys for Passwordless Authentication in Entra ID

Configuring FIDO2 Keys for Passwordless Authentication in Entra ID

Complete Guide to Implementing Passwordless Authentication with FIDO2 in an Entra ID and Intune Environment for Windows 10 and 11 Devices Contents 1. Introduction 2. Prerequisites 3. Step 1: Enable FIDO2 Security Keys in Entra ID 4. Step 2: Restrict FIDO2 Key Models Based on AAGUIDs 5. Step 3: Enable

Make Cybersecurity Easier with Bulk IoC Importing into Microsoft Defender for Endpoints

Make Cybersecurity Easier with Bulk IoC Importing into Microsoft Defender for Endpoints

Step-by-Step Instructions for Importing IoCs: 1. Log in to Microsoft 365 Defender: * Go to the Microsoft 365 Defender portal at security.microsoft.com and log in with your administrator credentials. 2. Access the Indicators Section: * Navigate to Settings -> Rules -> Indicators. This section allows you to manage