Forensic Friday - Jump Lists
What are Jump Lists? Jump Lists are windows features introduced with Windows 7, and they contain information about recently accessed...
top of page
Work Overview
LATEST PROJECTS
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aenean commodo ligula eget dolor. Aenean massa. Cum sociis natoque
INCEPTION
SECURITY
Blog
Search
2 min read
Remote Assistance Tools - T1219
Let's talk about remote assistance tools! As you would expect, a remote assistance tool is used to assist end-users from a remote...
3 min read
Microsoft Office - Arbitrary Code Execution
We have recently observed threat actors evolving their procedures in light of Microsoft disabling macros by default in office documents....
3 min read
Forensic Friday - Profile Lists
What are Profile Lists? Windows keeps track of user-profiles and their locations in the registry. The profile location is stored under...
3 min read
CVE-2022-1388 (F5 BIG-IP)
CVE-2022-1388 is a critical CVE (CVSS 9.8) in F5 Networks’ BIG-IP solution management interface. This CVE will allow threat actors to...
3 min read
Forensic Friday - Prefetch
What is Windows Prefetch? Windows Prefetch creates files when a user opens an application on a Windows host. The Windows Operating system...
3 min read
Emotet Changing Techniques
Phishing attacks remain the number one technique used in cyberattacks. Some of the most common phishing attacks leveraged attachments to...
1 min read
Cyberattacks On The Rise
As we look across the landscape, we see that cyberattacks continue to succeed in all business sectors. In the cases we have observed, the...
3 min read
What is Qbot / Qakbot
QBot, also known as Qakbot or pinkslipbot, is an information stealer that has been active since 2007. It is malware software that can...
4 min read
An Encounter with Pandora
Pandora ransomware came into the spotlight in March of 2022 after posting some high-profile victims on its leak site. The ransomware...
3 min read
What is Incident Response?
Incident response is a method for dealing with various forms of security events, cyber threats, and data breaches in an organized manner....
4 min read
Proxyshell Vulnerabilities
In Microsoft Exchange, the three known vulnerabilities that threat actors use to get initial access are often referred to collectively as...
2 min read
Incident Analysis
Despite the depth of implemented protection measures, cyber incidents are bound to happen at some time. An incident analysis process...
bottom of page