Media center
For PR and media requests please contact us at team@cyberpolygon.com
News
November 26, 2024
Cyber Polygon 2024 highlights
September 12, 2024
More than 300 organizations from 65 countries participated in Cyber Polygon 2024
September 9, 2024
Key trends in GCC cyber threat landscape to be presented at MENA ISC 2024
August 27, 2024
BI.ZONE to contribute to MENA ISC
July 12, 2024
Participants from over 20 countries now listed for Cyber Polygon 2024 training
May 29, 2024
Registration for Cyber Polygon 2024 now open
April 23, 2024
Cyber Polygon 2024 scheduled for September 10–11
March 5, 2024
We launched BI.ZONE Cyber Polygon Platform for individual training
Technical articles
Hunting Down MS Exchange Attacks. Part 2 (CVE-2020-0688, CVE-2020-16875, CVE-2021-24085)
Our previous article focused on the different techniques used to detect ProxyLogon exploitation. This time we will talk about the techniques used to detect other notorious MS Exchange Server vulnerabilities, namely CVE-2020-0688, CVE-2020-16875 and CVE-2021-24085.
Hunting Down MS Exchange Attacks. Part 1. ProxyLogon (CVE-2021-26855, 26858, 27065, 26857)
Microsoft Exchange is one of the most common mail servers used by hundreds of thousands of companies around the world. Its popularity and accessibility from the Internet make it an attractive target for attackers.
Defence Scenario: Cyber Polygon 2020 Technical Exercise Write-up
This article goes into the details of the Defence scenario, where the participants had to repel an attack conducted by the Red Team.
Security of JSON Web Tokens (JWT)
JSON Web Token (JWT) mechanisms for user authentication are becoming more and more popular in applications. JWT gained particular popularity with the rise of the microservice architecture: it entrusts the processing of authentication data to the microservices, and therefore makes it possible to avoid various authorisation errors, increase productivity and improve application scalability...
Threat Hunting. Why might you need it
Nowadays, cyberthreats are becoming more sophisticated. Attackers can successfully evade security systems, whilst staying off the radar, unnoticed by corporate cybersecurity teams.
Threat Hunting in action
In the previous article, we explained the essence of Threat Hunting and demonstrated its capability in detecting modern cyberthreats. With small examples, we analysed various hunting approaches such as IoC-, Tool- and TTPs-based approaches and the differences between them.
Hunting for advanced Tactics, Techniques and Procedures (TTPs)
In the first publication in this series of articles, we explored the Threat Hunting approach, its difference from the classical approach to cybersecurity incident monitoring and the essential components for integrating this method. In the second publication, we delved deeper and demonstrated Threat Hunting in action with an example of a potential incident and tested several hypotheses to detect various techniques used by the attacker in this incident.
Insecure Deserialisation
Deserialisation of untrusted data is ranked 8th in the 2017 OWASP Top Ten list of the most critical security risks to web applications. This vulnerability is identified as CWE-502, and occurs when the application deserialises data from an untrusted source without proper validation. Deserialisation mechanisms are often exploited by attackers to gain remote code execution in the compromised system.
How to protect yourself in digital space?
Basic hygiene is an effective method of preventing viruses. Today this is especially true for both the physical and the cyber worlds...