David Kasabji - Cybersecurity analyst

David Kasabji

Principal Threat Intelligence Analyst

David Kasabji is a Principal Threat Intelligence Analyst at the Conscia Group. His main responsibility is to deliver actionable intelligence in different formats according to target audiences, ranging from Conscia’s own cyberdefense, all the way to the public media platforms. His work includes collecting, analyzing, and disseminating intelligence, reverse engineering obtained malware samples, crafting TTPs based on acquired information, and publishing R&D content.

David is also actively engaged in Digital Forensics and Incident Response activities and strategic crisis management during incidents.

 

Content by this profile

Blog

From CAPTCHA to Compromise: Analysis of CAPTCHAclipper

Conscia SOC team uncovered a new attack exploiting CAPTCHA prompts. The "CAPTCHAclipper" attack blends social engineering and technical sophistication to deploy malware. Read our analysis...
Blog

Protecting Your Business from Supply-Chain Attacks: What to Do When Third Parties Are Breached

Breaches at third-party vendors can expose data and disrupt operations, posing significant risks to the partnering company. Learn how to handle a breach effectively.
Recorded webinar

AI’s Role in Advancing and Combating Cyber Threats

Watch this session on future-proofing your digital defenses against advanced AI cyber threats. With concrete examples, the latest stats, and actionable strategies, you'll be better...
Blog

Exploring the Dark Side of Generative AI: The Rise of Cyber Threats in the Digital Age

When we think about predicting cyber threats that will reign in the coming year, we often lean back to the past year, learn from that,...
Blog

OpenAI Sora – Cybersecurity Threat or Opportunity?

OpenAI's Sora: Is it a threat or an opportunity? We look at its groundbreaking text-to-video capabilities and how they impact cybersecurity.
Blog

The Stealthy Cyber Threat: Abuse of GitHub for Malicious Purposes

GitHub, a key coding platform, faces rising cyber threats. This blog post explores its exploitation and outlines effective cybersecurity strategies for mitigation.
Blog

Understanding the Risks of Unprompted One-Time Passcodes in Cybersecurity

In cybersecurity, an unexpected one-time passcode (OTP) signals a security threat - possible credential theft. Learn more about handling unsolicited MFA requests.
Blog

Deep Dive into the May 2023 Cyber Attack on Danish Energy Infrastructure

Danish energy infrastructure endured a sophisticated cyber attack, signifying a major escalation. This post analyzes the unprecedented assault, offering insights for cybersecurity professionals.
Blog

What can we learn from recent Okta breaches?

Okta, a major identity and access management player, faced two major security breaches. Examining these incidents provides crucial lessons for the cybersecurity community.
Blog

New Critical Vulnerability in Cisco IOS XE Software Poses Cybersecurity Concerns

Edit note, October 24: Added a section regarding updates to include additional Indicators of Compromise (IOCs) and methods for detecting the updated implant code. In...
Blog

Enumeration Attacks: A Deep Dive into Threat Actors Generating Valid Payment Data

Enumeration attacks, especially banking identification number (BIN) generation attacks, enable threat actors to produce and validate payment card numbers. These attacks, while not new, are...
Blog

Adversary-In-The-Middle Attack: A novel way to evade MFA

In the vast realm of cyber threats, a relatively newer but impactful method has emerged: Adversary In the Middle (AiTM) attacks. AiTM attacks have recently...
Blog

How Cybercriminals Exploit Legitimate Internet Services for Malicious Purposes

Cybercriminals increasingly manipulate reputable platforms such as Google Drive, OneDrive, Notion, and GitHub to camouflage their malicious activities within regular web traffic. This tactic not...
Blog

Defending Against Infostealer Malware Attacks: A Comprehensive Guide for Organizations

In today's digital age, information is power. As organizations increasingly rely on digital data, the allure for cybercriminals to steal this data grows. One of...
Blog

Cloud Storage Risk Assessment: Our privacy rests… at risk?

Cloud storage and hosting have become a common way of storing your and your organization's sensitive data in today’s world. Cloud storage refers to a...
Blog

Understanding Vulnerability Lifecycle to Better Combat Exploits

If you care about cybersecurity, you surely have heard the term ‘software vulnerability.’ But it can quickly happen that sometimes we take this term for...
Blog

CL0P Group – Analysis of European’s rising ransomware threat

If you were following trends in the cyber threat landscape for the past few months, or actually the entire year, you undoubtedly recall that there...
Blog

Danish cloud-hosting provider hit by devastating ransomware attack.

A Danish cloud-hosting company was hit by ransomware attacks, resulting in significant customer data loss and system shutdowns.
Blog

A look into Living off the Land adversarial technique

Recently, you may have noticed several cybersecurity news sites citing Microsoft's article on Flax Typhoon's (threat actors) stealthiness while performing their cyber intrusions. While reading through the...
Blog

How could AI simplify malware attacks, and why is this worrying?

AI can significantly reduce malware development and distribution costs, giving cybercriminals an advantage over insufficiently secured targets. Read the article to see practical examples of...
Blog

Digital Forensics: Discovering Threat Actor’s traces using Recycle Bin

Criminals don't like to leave traces. In the cyber world, that means deleting their malicious software from your environment after the attack or infiltration. This...
Blog

Season’s Greetings from Cybercriminals

Cybercrime is on the rise during the holiday season. Cybercriminals take advantage of Black Friday, Cyber Monday, and similar to scam individuals. What can companies...
Blog

Phishing as a Service (PHaaS) – an effective attack vector for all threat actors

Phishing has professionalized. It is literally available to criminals in an »as a service« model, and the most effective examples are extremely convincing. And therefore...
Blog

New 0-day vulnerabilities in Microsoft Exchange Server actively exploited

Two reported 0-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019 (on-prem) tracked as CVE-2022-41040 and CVE-2022-41082 are being actively exploited in the wild....
Blog

Insider Threats: What are they and how to mitigate them

While often neglected, an organization’s own personnel pose one of the biggest threats to its security. Human error or negligence is usually the leading cause...
Blog

Diving Deep: How to detect Malware Persistency pt. 1

During a cyber-attack adversaries might gain access to an environment through a certain system, but that might not be their actual targeted system or that...
Blog

Diving Deep: How to detect Typosquatting

Typosquatting is a type of social engineering attack where a threat actor registers domains with deliberately misspelled names of known brands or websites and hosts...
Blog

Vulnerability Spotlight: How to detect Follina the Windows MSDT 0-day 

Microsoft confirmed a security vulnerability tracked as CVE-2022-30190 and released it on their MSRC portal on May 30th, 2022. The vulnerability allows for a remote...
Blog

Diving Deep: Malware Injection Techniques – Part 1

This is the first entry in the Malware Injection Techniques article series that we will be writing about. The ultimate goal of...
Blog

Ransomware-as-a-Service: An infamously lucrative business model

Ransomware as a type of malware is not a 21st century invention. We can trace it back to 1989 when Joseph Popp wrote the first...
Blog

Conti Ransomware Gang falls apart

The Conti ransomware gang was infamously known as one of the most sophisticated adopters of the ransomware-as-a-service (RaaS) model, earning them 180 million USD in 2021 alone....
Whitepaper

Dissecting Russian State-sponsored Threat Actors

On 20.04.2022, CISA released a joint Cybersecurity Advisory to warn organizations that Russia's invasion of Ukraine could expose...
Blog

Increased threat against industries leveraging ICS and SCADA devices

US agencies (CISA, NSA, FBI) and Department of Energy issued a new Cybersecurity Advisory (CSA) warning on 13.04.2022 in regards to increased threats to industrial...
Recorded webinar

Cyberwarfare and its Impact on Your Business

Capabilities developed for Cyberwarfare will be used against businesses, not just in wars. How can organizations use threat intelligence acquired during cyberwarfare to improve their...
Blog

What you need to know about the increased Digital Risks following the cyber-attacks on Ukraine

Amidst the ongoing warfare, we were able to track the development of new dedicated and tailored malware (HermeticWiper and Whisper Gate) on the dark web...
Event

Cyberwarfare and its Impact on Your Business

Capabilities developed for Cyberwarfare will be used against businesses, not just in wars. How can organizations use threat intelligence acquired during cyberwarfare to improve their...
Guide

ZeroLogon – A one-click path to your Domain Admin

All who have a keen interest in Cybersecurity might have already read about CVE-2020-1472, which was published on 11.08.2020. However, although it was clear that...
Blog

WannaTry again? SMBv3 Vulnerability Awakes!

SMBv3 vulnerability (CVE-2020-0796) explained and how to defend against zero-day attacks. We have just learned about a new vulnerability of the SMBv3 protocol, for which...