Since 2016, we have completed many cybersecurity projects and have organised and been involved in many events and training programs. On this page, we share some of our photos, upcoming events or training programs, blogs & short articles. If you have any queries, please reach out to us at info[at]cyber8lab[.]com.
Past Event
Cyber8Lab is excited to share our past events and the events in which we have recently participated.
Blogs & Articles
What is Cyber Drill?
Have you been wondering what Cyber Drill is? What will you get to experience in a Cyber Drill Program? Our Cyber Drill gives you some ideas on how to analyse and investigate common cyber incidents. During our Cyber Drill, you will generally have to answer around 10 questions or get to perform some of the important steps of analysis. Below are some of the steps or questions you might come across and the answers:
Malware Infection Scenario:
You are required to provide the filename of the malware.
- For this step, you can use the Process Explorer tool to identify a suspicious process running on the computer.
Wireless Intrusion Scenario:
You are required to find out the attacker’s MAC address.
- For this step, you can use a Wireshark filter to view the victim’s Wireless Access Point (WAP). The attacker usually attempts to connect to the WAP using a replay attack.
Phishing Scenario:
The content of the text file is encoded. Determine the type of encoding that was used.
- For this step, you are required to use a search engine to look up the available types of web encoding. You must compare each format with the one in the text file.
Data Leakage Scenario:
What scripting language was used to hide the possible banking information?
- The content of the file is obfuscated with a text encoder. Here, you are required to decode the .txt file against the other text encoders.
Working from home? Here are some cybersecurity tips
So many people are now working from home. If they are not trained or educated on how to identify bogus emails or how to safeguard their credentials, any compromised email account could lead to unauthorised access, from which cybercriminals can probe further to reach the backend systems of an organisation. If this happens to any big organisation, we would expect data breaches anytime soon.
Safeguarding your credentials generally includes using a password manager and always enabling two-factor authentication. Visit our Security Awareness page to know more.
In addition, to configure web-based access control, we first have to specify each user’s tasks and group them by who can review or edit, who can modify or delete, and so on. We usually use a User Access Matrix to do this. The access matrix model is the policy for user authentication, and has several implementations such as access control lists (ACLs) and capabilities. It is used to describe which users have access to what data.
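The access matrix described above, as an added example that is not Cyber8Lab's own code: one matrix is turned into its ACL view (per resource) and its capability view (per user), with a default-deny check. The rights (review, edit, modify, delete) come from the text; the user and resource names are constructed for illustration.

```python
# Added example: a user access matrix and its two usual implementations.
# Users and resources below are constructed sample data.
from collections import defaultdict

# Access matrix: rows are users, columns are resources,
# each cell is the set of rights that user holds on that resource.
MATRIX = {
    "alice": {"report.docx": {"review", "edit"}, "invoices.db": {"review"}},
    "bob":   {"report.docx": {"review"}},
    "carol": {"report.docx": {"review", "edit", "delete"},
              "invoices.db": {"review", "modify", "delete"}},
}

def to_acls(matrix):
    """Column view: for each resource, which user holds which rights (ACL)."""
    acls = defaultdict(dict)
    for user, row in matrix.items():
        for resource, rights in row.items():
            acls[resource][user] = set(rights)
    return dict(acls)

def to_capabilities(matrix):
    """Row view: for each user, the (resource, right) pairs they hold."""
    return {user: {(res, r) for res, rights in row.items() for r in rights}
            for user, row in matrix.items()}

def is_allowed(matrix, user, resource, right):
    """Default deny: an unknown user, resource or right grants nothing."""
    return right in matrix.get(user, {}).get(resource, set())

def who_can(acls, resource, right):
    """Review helper: every user holding a given right on a resource."""
    return sorted(u for u, rights in acls.get(resource, {}).items()
                  if right in rights)

if __name__ == "__main__":
    acls = to_acls(MATRIX)
    caps = to_capabilities(MATRIX)
    print("ACL for invoices.db:", acls["invoices.db"])
    print("bob's capabilities:", caps["bob"])
    print("bob may delete report.docx:",
          is_allowed(MATRIX, "bob", "report.docx", "delete"))
    print("who can delete invoices.db:",
          who_can(acls, "invoices.db", "delete"))
```

The `who_can` query is the one to run during an access review: it lists everyone holding a destructive right on a resource so the list can be compared against the task grouping.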
So, you have experienced a breach or cyberattack. What to do next?
For those who swept their cyber incidents under the carpet last month, you might still have some time to act, as some adversaries take between 30 and 40 days to strike again.
Carry out Compromise Assessment!
This exercise is for you to determine whether threat actors are active in your environment or have circumvented your security defenses in the past.
During a Compromise Assessment, you are able to detect traces of attack preparation and compromise within your IT infrastructure, assess the scale, and determine which assets in the network were attacked and how it occurred.
At Cyber8Lab, we work closely with our partner to install a hardware and software solution called Threat Hunting Framework in your environment and evaluate your IT infrastructure for signs of compromise.
Firstly, we identify indicators of compromise on hosts across the network, analyse event logs and network connections, and eliminate false positives.
Secondly, we carry out in-depth analysis of compromised hosts to identify the sources of compromise, analyse the identified threats and their causes, and then draft a detailed report.
As a customer, you will get:
- List of indicators of compromise;
- A report on security breaches;
- A report on provided services; and
- Recommendations.