Cybersecurity Made Simple
WYZSec Duck
WYZSEC

Cybersecurity Wiki

Curated articles, guides, and resources from across the web.

Browse Wiki → Graph View
Metasploit Initial Access Response CrowdStrike Named a Leader in Identity Threat Detection and Response Active Directory Attack Paths — ACL Abuse, Delegation, and Trust Attacks Data Exfiltration Detection CyberChef REMnux npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks Cloud Threats — Credential Theft, IMDS Abuse, Hijacking MITRE ATT&CK for Triage Microsoft: Domain Controller lookup may fail on Windows Server 2016 Device Code Phishing Script Execution Triage API Attacks — OWASP API Top 10 Pass-the-Hash MFA Prompt Bombing: Why Your Second Factor Isn't Saving You DNS Active Directory Basics CISA orders feds to patch actively exploited Drupal vulnerability Cross-Platform NPM Stealer Selective HTTP Proxying in Linux An Example of Stack String in High Level Language Cobalt Strike — Detection and Beacon Analysis Process Injection (T1055) Privilege Escalation Investigation CrowdStrike Named a Leader in the First-Ever Gartner Magic Quadrant for Cyberthreat Intelligence Technologies Microsoft Access VBA 7-Eleven data breach exposes personal information of 185,000 people Burp Suite FBI warns of Kali365 phishing service targeting Microsoft 365 accounts Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows Insider Threat DDoS Kill Chain Indicators: IoC, IoA, and TTP Credential Stuffing Microsoft Defender can now automatically isolate hacked endpoints OT & ICS Threats MISP OSINT Tools Container and Kubernetes Threats Network Security Basics KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike Kerberoasting Living-off-the-Land Binaries CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks Cloud Account Compromise Response Playbook Cloud Incident Response SaaS Account Takeover Response Playbook Email Security Architecture for Analysts Nmap Phishing C2 and Beaconing Ransomware Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions Public Key Infrastructure Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks Mimikatz OSI Model MFA Fatigue SIEM Log Management Threat Hunting Inside CrowdStrike Automated Leads: A Transformative Approach to Threat Detections Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective S3 Exposure Azure Sentinel Ghidra Phishing Triage Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups Sysinternals AWS Misconfigurations YARA The Alert Firehose Finally Meets Its Match Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access Ransomware Negotiation and Decision Framework Ransomware Fundamentals Possible ACR Stealer From Page Impersonating Claude Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware Ransomware Response Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks Live Forensics Collection RITA Measuring AI-Enabled Success: 3 KPIs Leaders Should Track CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV Zero Trust Architecture Zero Day & CVE Response Golden Ticket Attack Splunk Falcon AIDR Detects Threats at the Prompt Layer in Kubernetes AI Applications Business Email Compromise Response Log Sources Overview Sigma Rules Wireless Attacks Active Directory Compromise Response TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO Wireshark 4.6.6 Released Supply Chain Incident Response Playbook TLS and Certificates Credential Theft Incident Response How to Protect Identities and Sessions from Infostealers SOC Shift Handoff Supply Chain Attack Cloud Security Fundamentals Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware Anthropic's restricted Claude Mythos model may be coming to Claude Code Suspicious Authentication BloodHound TCP/IP Digital Forensics & Live Response Man-in-the-Middle Social Engineering — Vishing, SMShing, and Deepfakes Threat Intelligence Fundamentals EDR Basics Hashing vs Encryption vs Encoding Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes Velociraptor Malware Analysis Fundamentals Kusto Query Language (KQL) XSS Zeek (formerly Bro) Lateral Movement Response Linux Security Fundamentals Kerberos Attacks Deep Dive SQL Injection Windows Event Logging & Audit Policy Snort and Suricata Malware Analysis Triage Incident Response XQL Investigation Notes May 2026 Patch Tuesday: 30 Critical Vulnerabilities Among 130 CVEs SPF and DKIM Sysmon How Varonis Atlas integrates Claude Compliance API for AI governance Web App Attacks — SSRF, CSRF, Command Injection, IDOR New Claude Integration Brings Audit Data into the Falcon Platform Elastic Security SOC Analyst Skills LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root Wireshark Common Ports and Protocols Windows Security Primitives — SIDs, Tokens, ACLs Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software Insider Threat Response Playbook Volatility
170
Topics
5
Categories
~1272 min
WORTH OF READING
FEATURED ARTICLE
// Wiki

STAY SHARP

The cybersecurity landscape changes fast. We keep it digestible so you're never lost.