David Kasabji - Cybersecurity analyst

David Kasabji

Principal Threat Intelligence Engineer

David Kasabji is a Principal Threat Intelligence Engineer at the Conscia Group. His main responsibility is to deliver relevant Threat Intel in different formats to specific audiences, ranging from Conscia’s own cyberdefense, all the way to the public media platforms. His work includes analyzing and engineering Threat Intel from various data sources, reverse engineering obtained malware samples, crafting TTPs based on acquired information, and publishing R&D content.

Content by this profile

Blog

How could AI simplify malware attacks, and why is this worrying?

AI can significantly reduce Malware development and distribution costs, giving cybercriminals an advantage over insufficiently secured targets. Read the article to see practical examples of...
Blog

Digital Forensics: Discovering Threat Actor’s traces using Recycle Bin

Criminals don't like to leave traces. In the cyber world, that means deleting their malicious software from your environment after the attack or infiltration. This...
Blog

Season’s Greetings from Cybercriminals

Cybercrime is on the rise during the holiday season. Cybercriminals take advantage of Black Friday, Cyber Monday, and similar to scam individuals. What can companies...
Blog

Phishing as a Service (PHaaS) – an effective attack vector for all threat actors

Phishing has professionalized. It is literally available to criminals in an »as a service« model, and the most effective examples are extremely convincing. And therefore...
Blog

New 0-day vulnerabilities in Microsoft Exchange Server actively exploited

Two reported 0-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019 (on-prem) tracked as CVE-2022-41040 and CVE-2022-41082 are being actively exploited in the wild....
Blog

Insider Threats: What are they and how to mitigate them

While often neglected, an organization’s own personnel pose one of the biggest threats to its security. Human error or negligence is usually the leading cause...
Blog

Diving Deep: How to detect Malware Persistency pt. 1

During a cyber-attack adversaries might gain access to an environment through a certain system, but that might not be their actual targeted system or that...
Blog

Diving Deep: How to detect Typosquatting

Typosquatting is a type of social engineering attack, where a threat actor registers domains with deliberately misspelled names of known brands or websites and hosts...
Blog

Vulnerability Spotlight: How to detect Follina the Windows MSDT 0-day 

Microsoft confirmed a security vulnerability tracked as CVE-2022-30190 and released it on their MSRC portal on May 30th, 2022. The vulnerability allows for a remote...
Blog

Diving Deep: Malware Injection Techniques – Part 1

This is the first entry in the Malware Injection Techniques article series that we will be writing about. The ultimate goal of...
Blog

Ransomware-as-a-Service: An infamously lucrative business model

Ransomware as a type of malware is not a 21st century invention. We can trace it back to 1989 when Joseph Popp wrote the first...
Blog

Conti Ransomware Gang falls apart

Conti ransomware gang was infamously known as one of the most sophisticated adopters of ransomware-as-a-service (RaaS) model, earning them 180 million USD only in 2021....
Whitepaper

Dissecting Russian State-sponsored Threat Actors

On 20.04.2022, CISA released a joint Cybersecurity Advisory to warn organizations that Russia's invasion of Ukraine could expose...
Blog

Increased threat against industries leveraging ICS and SCADA devices

US agencies (CISA, NSA, FBI) and Department of Energy issued a new Cybersecurity Advisory (CSA) warning on 13.04.2022 in regards to increased threats to industrial...
Recorded webinar

Cyberwarfare and its Impact on Your Business

Capabilities developed for Cyberwarfare will be used against businesses, not just in wars. How can organizations use threat intelligence acquired during cyberwarfare to improve their...
Blog

What you need to know about the increased Digital Risks following the cyber-attacks on Ukraine

Amidst the ongoing warfare, we were able to track the development of new dedicated and tailored malware (HermeticWiper and Whisper Gate) on the dark web...
Event

Cyberwarfare and its Impact on Your Business

Capabilities developed for Cyberwarfare will be used against businesses, not just in wars. How can organizations use threat intelligence acquired during cyberwarfare to improve their...
Guide

ZeroLogon – A one-click path to your Domain Admin

All who have a keen interest in Cybersecurity might have already read about the CVE-2020-1472 which was published on 11.08.2020. However, although it was clear that...
Blog

WannaTry again? SMBv3 Vulnerability Awakes!

SMBv3 vulnerability (CVE-2020-0796) explained and how to defend against zero-day attacks. We have just learned about a new vulnerability of the SMBv3 protocol, for which...