top of page
Work Overview
LATEST PROJECTS
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aenean commodo ligula eget dolor. Aenean massa. Cum sociis natoque

Blog
Search


Forensic Friday - Jump Lists
What are Jump Lists? Jump Lists are windows features introduced with Windows 7, and they contain information about recently accessed...
2 min read


Remote Assistance Tools - T1219
Let's talk about remote assistance tools! As you would expect, a remote assistance tool is used to assist end-users from a remote...
2 min read


Microsoft Office - Arbitrary Code Execution
We have recently observed threat actors evolving their procedures in light of Microsoft disabling macros by default in office documents....
3 min read


Forensic Friday - Profile Lists
What are Profile Lists? Windows keeps track of user-profiles and their locations in the registry. The profile location is stored under...
3 min read


CVE-2022-1388 (F5 BIG-IP)
CVE-2022-1388 is a critical CVE (CVSS 9.8) in F5 Networks’ BIG-IP solution management interface. This CVE will allow threat actors to...
3 min read


Forensic Friday - Prefetch
What is Windows Prefetch? Windows Prefetch creates files when a user opens an application on a Windows host. The Windows Operating system...
3 min read


Emotet Changing Techniques
Phishing attacks remain the number one technique used in cyberattacks. Some of the most common phishing attacks leveraged attachments to...
3 min read


Cyberattacks On The Rise
As we look across the landscape, we see that cyberattacks continue to succeed in all business sectors. In the cases we have observed, the...
1 min read


What is Qbot / Qakbot
QBot, also known as Qakbot or pinkslipbot, is an information stealer that has been active since 2007. It is malware software that can...
3 min read


An Encounter with Pandora
Pandora ransomware came into the spotlight in March of 2022 after posting some high-profile victims on its leak site. The ransomware...
4 min read


What is Incident Response?
Incident response is a method for dealing with various forms of security events, cyber threats, and data breaches in an organized manner....
3 min read


Proxyshell Vulnerabilities
In Microsoft Exchange, the three known vulnerabilities that threat actors use to get initial access are often referred to collectively as...
4 min read


Incident Analysis
Despite the depth of implemented protection measures, cyber incidents are bound to happen at some time. An incident analysis process...
2 min read
bottom of page