Cyber Diary

ChatGPT Stealer: Threat Hunting, Detections & Best Practices for your Organization

Back in December 2025, the Ox Research team uncovered two malicious extensions that were being actively downloaded (and were still available on the Chrome Store at the time of writing) by impersonating the legitimate AITOPIA AI Sidebar. Once installed and granted permissions, these extensions were found to steal browser and AI chat data and send the […]


BindPlane On-Prem Architecture for Google SecOps

In this post I want to discuss BindPlane architecture, specifically the on-prem architecture for routing logs to your Google SecOps SIEM. BindPlane, at a high level, is a telemetry pipeline (built on top of the OpenTelemetry framework) designed to collect, refine and export logs, metrics and traces from any source to any destination.


Data Obfuscation in QRadar

This article will explain how to set up data obfuscation in QRadar using regex. There will be times when you need to mask certain data coming into your SIEM platform for various reasons within your organisation. For example, it may be to mask PII (Personally Identifiable Information) in order to comply with regulations such as
