Blog


Understanding the ToolShell Vulnerability in Microsoft SharePoint Servers
In the ever-evolving landscape of cybersecurity threats, Microsoft SharePoint servers have become a prime target for sophisticated...
5 min read


Forensic Friday - Jump Lists
What are Jump Lists? Jump Lists are Windows features introduced with Windows 7, and they contain information about recently accessed...
2 min read


Remote Assistance Tools - T1219
Let's talk about remote assistance tools! As you would expect, a remote assistance tool is used to assist end-users from a remote...
2 min read


Microsoft Office - Arbitrary Code Execution
We have recently observed threat actors evolving their procedures in light of Microsoft disabling macros by default in Office documents....
3 min read


Forensic Friday - Profile Lists
What are Profile Lists? Windows keeps track of user-profiles and their locations in the registry. The profile location is stored under...
3 min read


CVE-2022-1388 (F5 BIG-IP)
CVE-2022-1388 is a critical CVE (CVSS 9.8) in F5 Networks’ BIG-IP solution management interface. This CVE will allow threat actors to...
3 min read


Forensic Friday - Prefetch
What is Windows Prefetch? Windows Prefetch creates files when a user opens an application on a Windows host. The Windows operating system...
3 min read


Emotet Changing Techniques
Phishing attacks remain the number one technique used in cyberattacks. Some of the most common phishing attacks leveraged attachments to...
3 min read


Cyberattacks On The Rise
As we look across the landscape, we see that cyberattacks continue to succeed in all business sectors. In the cases we have observed, the...
1 min read


What is Qbot / Qakbot
QBot, also known as Qakbot or Pinkslipbot, is an information stealer that has been active since 2007. It is malware that can...
3 min read


An Encounter with Pandora
Pandora ransomware came into the spotlight in March of 2022 after posting some high-profile victims on its leak site. The ransomware...
4 min read


What is Incident Response?
Incident response is a method for dealing with various forms of security events, cyber threats, and data breaches in an organized manner....
3 min read


ProxyShell Vulnerabilities
In Microsoft Exchange, the three known vulnerabilities that threat actors use to get initial access are often referred to collectively as...
4 min read


Incident Analysis
Despite the depth of implemented protection measures, cyber incidents are bound to happen at some time. An incident analysis process...
2 min read