Mobula GitHub Monitoring

Mobula GitHub Monitoring is a comprehensive security service designed to monitor the GitHub environment and ensure the safety and integrity of your code repositories. With advanced features and vigilant monitoring capabilities, Mobula GitHub Monitoring offers a proactive approach to identifying and addressing abnormal activities within your GitHub ecosystem. One of the primary functions of Mobula […]

Mail Impersonation – Recognizing Mail Phishing Attacks

The Security Threat: Mail impersonation is among the most prevalent and successful cyber attacks in today’s digital landscape. This type of attack can be classified into two main categories: phishing and mail impersonation. Phishing attacks aim to steal credentials by impersonating legitimate login pages, tricking users into revealing their passwords and sensitive information. On the […]

Mastering Windows Event Forwarding (WEF) for Unmatched SIEM Capabilities

Introduction: Among the multitudes of log sources that are essential for monitoring a company, Windows Event Forwarding (WEF) unequivocally claims the top spot. With the ability to gather thousands of types of events from every computer within an organization, WEF offers near-complete visibility into network activities. By utilizing our Mobula Platform, configuring WEF becomes a […]

Deployed Rules Of The Week

DNS Trace Log Microsoft Windows@Process Creation Microsoft Windows@System Errors Web Cache Web Server Sysmon@Create Remote Thread Sysmon@Files Sysmon@Image Load Sysmon@Registry

Threat around Google’s .zip TLD

If you haven’t read about it yet, here are some important details to know: Recently, a new top-level domain (TLD) called .zip was introduced by Google. While the creation of new TLDs can bring exciting opportunities, it also opens the door to potential security risks. Attackers could exploit this new TLD to deceive users and execute […]

New SIEM Rules – May 2023

Welcome to our monthly rules update! We take great pleasure in presenting the most recent rules we created last month to boost your SIEM’s capabilities. Depending on your monitoring products, these rules have been deployed in your system to offer you top-notch security and detection. These new rules join an extensive collection of over 1500 […]

The SIEM 4th Dimension – Timestamp: Unlocking the Secrets of SIEM Log Timestamps

When dealing with timestamps in SIEM logs, it is crucial to understand the origin and context of each specific timestamp. In SIEM events, multiple timestamps can be encountered, including: 1. End Time – The moment when the event actually took place. 2. Device Receipt Time – The point when the device obtained the event from […]

Demystifying SIEM Log Collection and Parsing: What You Need to Know

Introduction: Security Information and Event Management (SIEM) systems play a crucial role in organizations’ cybersecurity efforts. They collect, analyze, and correlate logs from various sources to detect and respond to security incidents. In this article, we’ll explore the process of gathering logs from diverse sources for a SIEM system, the importance of log parsing, and […]

Time to market

One-day SIEM integration