The easy way to two-factor authentication for WordPress with Two-Factor and Google Authenticator

WordPress is the most popular content management system (CMS). Therefore, it is also a very popular target for hackers. The default WordPress login requires a username and password combination. If hackers obtain your login credentials, there is no second line of defense and your WordPress site is theirs. Two-factor authentication (or sometimes multi-factor authentication) adds this second line of defense to your WordPress site. Every time you log in to your WordPress site, it’ll ask you for your username and password plus a second factor, e.g. a one-time password. This blog post shows you how to set up two-factor authentication for WordPress. I’ll use the WordPress plugin Two-Factor to set up two-factor authentication with Google Authenticator.

Where to start tracking adversary infrastructure?

Last update: 2020-01-19

Adversaries require infrastructure to support their operations and ultimately to achieve their goals, such as intelligence collection. That is why infrastructure is one of the four core features of the well-known Diamond Model of Intrusion Analysis. Proactively hunting for adversary infrastructure lets cyber threat intelligence (CTI) teams identify it even before the adversary has put it to use.

The malware analyst’s guide to aPLib decompression

aPLib is a pure LZ-based compression library that is very easy to use and to integrate into C/C++ projects. There is also an executable packer built on it called aPACK. Because of its ease of use and tiny footprint, it is a very popular library among malware families such as ISFB/Ursnif, Rovnix, and many more. Knowing how to detect aPLib-compressed data and how to decompress it is therefore essential for every malware analyst.
