Mar 9 · 5 min read · TL;DR Cybercriminals are using AI to build malware that mutates during execution, adapts to defenses in real time, and evades signature-based detection. Traditional antivirus is obsolete. Your SOC needs behavioral detection + AI-driven threat predict...
Jan 20 · 4 min read · Room Link: https://tryhackme.com/room/mitmdetection Task 1 Introduction Man-in-the-middle (MITM) attacks represent one of the most insidious threats in network security. In these attacks, attackers position themselves between legitimate communication...
Dec 24, 2025 · 4 min read · Reconnaissance is often treated as a “quiet” phase of an attack — something that happens before detection becomes relevant. In practice, this isn’t true. Many red team reconnaissance techniques generate signals that surface directly in SOC tools, oft...
Dec 14, 2025 · 4 min read · Platform: Apache on Ubuntu → Splunk Enterprise. Goal: Detect reconnaissance and probing activity on a web server by monitoring 404s and access to admin paths. Summary: I set up a Splunk Universal Forwarder on an Ubuntu VM to forward Apache access logs t...
Sep 18, 2025 · 7 min read · How did we get here? During the month of April, I had the privilege of working with the SecureAI dev team, where I learned a great deal about Large Language Model (LLM) vulnerabilities, as well as how to detect and probe for them. I want to give a hu...
Sep 17, 2025 · 1 min read · Recently, an imposter used AI to clone Secretary of State Marco Rubio’s voice and contacted foreign officials via Signal Messenger. This wasn’t a prank; it was a sophisticated attempt to deceive and manipulate world leaders using AI-generated voice te...
Sep 13, 2025 · 4 min read · Fraud is one of the most persistent and costly challenges for the global insurance sector. According to industry estimates, fraudulent claims account for 10–20% of total claims costs, amounting to billions of dollars annually. Traditional approaches,...
Aug 26, 2025 · 3 min read · Over the past few weeks, two critical vulnerabilities, CVE-2025-8875 and CVE-2025-8876, have surfaced as active threats in the wild. Both have been flagged by CISA as being widely exploited, and organisations relying on N-able N-central are particula...
Aug 18, 2025 · 4 min read · Introduction Ransomware attacks continue to threaten organizations worldwide, but recent years have seen a dramatic rise in incidents affecting Indian companies—banks, fintech, logistics, healthcare providers, and SaaS firms. These sophisticated atta...