Blog

March 13, 2024

EDR/AV Bypass [Part 1] : The Automated Payload Obfuscator “Pinguino”

Obfuscation is crucial for malware to evade detection by security tools, prolonging its undetected operation. Top obfuscation techniques include code encryption, polymorphism, metamorphism, dynamic API resolution, and anti-debugging mechanisms. Code obfuscation, such as variable renaming and insertion of meaningless code, adds complexity to hinder analysis. These techniques collectively aim to
Read More
November 20, 2023

[Part1] New Microsoft Sentinel’s Enrichment Widget in UEBA Module

Introduction: Last week, Microsoft Ignite took place in Seattle. I was focused on new announcements regarding Sentinel and/or Defender. And the first one that shone in my eyes: the enrichment widget for the UEBA feature in Sentinel 🤩. The promise of this new feature is to empower security analysts to gain
Read More
August 29, 2023

Hacknowledge attend DEFCON 31 in Las Vegas

Las Vegas – a city known for its dazzling lights, vibrant entertainment, and now, an annual pilgrimage for cybersecurity enthusiasts from around the world. DEFCON, the world’s largest and one of the most renowned hacker conferences, recently unfolded and Hacknowledge had the opportunity to send two engineers to the event,
Read More
June 20, 2023

Purple Teaming

In the ever-evolving landscape of cybersecurity, organizations are continuously seeking ways to enhance their defenses against sophisticated threats. Traditional approaches like Red Teaming and Blue Teaming have played crucial roles in identifying vulnerabilities and responding to attacks. However, the Purple Teaming approach has emerged as a powerful methodology that bridges
Read More
May 4, 2023

Genev’Hack 2023 – registrations are open

REGISTRATION OPEN FOR GENEV’HACK 2023
When: 06/06/2023, from 13h30 (doors opening at 13h)
What: Security conferences + Boss of the SOC contest
Entry cost: Attendance to the conference is free of charge for participants
Where: Geneva, Palexpo (Airport + Train)
Open to: All
Read More
April 6, 2023

Document archiving: the safest way to store business documents

Secured data archiving is important at all levels. Here is an article from a sister company, Klara, explaining the importance of document archiving. Security is an essential aspect of every company – and anyone believing that archiving documents in filing cabinets is the safest solution is sorely mistaken. Studies show
Read More
March 23, 2023

What a week for the Analytics Team @Hacknowledge! (and it was only Wednesday)

The team was invited to the Splunk Partner Tech Day at Splunk’s premises in Zurich, where amazing tech talks were given by @Alex Piger and others:
Multi-Instance Design best practices (Architecture Blueprint, Automation, Search Options)
GDI Update: Ingest Actions, Data Manager, Edge Processor
Splunk Operator 4 Kubernetes
Differences Splunk Cloud <<>>
Read More
March 20, 2023

Splunk Cloud: A (Hopefully) Comprehensive and Technical Review

Or: what does Splunk Cloud teach us about managing an on-premises infrastructure? Disclaimer: These are key points on the differences and benefits/drawbacks from its author’s perspective, and this does not reflect the opinion of Hacknowledge nor the Analytics team of Hacknowledge. This article highlights points that are important considering its author
Read More
February 13, 2023

Hacknowledge attended Frankfurt Digital Finance 2023

Frankfurt Digital Finance gathers key participants in the European digital finance ecosystem with more than 60 speakers and 600 attendees. Hacknowledge was invited as an official speaker for the Cybersecurity Panel. The key topics were to focus on:
1.) Protect sensitive financial data & ensure operational/cyber-resilience
2.) Managing 3rd party
Read More
November 25, 2022

Hacknowledge attend the ElasticON 2022 and the onsite Elastic Engineer Training in Amsterdam

To conclude this relentless month of November, Hacknowledge got the chance to dedicate a full week to Elastic. The Elastic convention, also known as ElasticON, was the first physical event since Covid-19. Elastic users got the chance to discover in which direction the Elastic teams are planning to go,
Read More