top of page
Work Overview
LATEST PROJECTS
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aenean commodo ligula eget dolor. Aenean massa. Cum sociis natoque
Blog
Search
2 min read
Forensic Friday - Jump Lists
What are Jump Lists? Jump Lists are windows features introduced with Windows 7, and they contain information about recently accessed...
2 min read
Remote Assistance Tools - T1219
Let's talk about remote assistance tools! As you would expect, a remote assistance tool is used to assist end-users from a remote...
3 min read
Microsoft Office - Arbitrary Code Execution
We have recently observed threat actors evolving their procedures in light of Microsoft disabling macros by default in office documents....
3 min read
Forensic Friday - Profile Lists
What are Profile Lists? Windows keeps track of user-profiles and their locations in the registry. The profile location is stored under...
3 min read
CVE-2022-1388 (F5 BIG-IP)
CVE-2022-1388 is a critical CVE (CVSS 9.8) in F5 Networks’ BIG-IP solution management interface. This CVE will allow threat actors to...
3 min read
Forensic Friday - Prefetch
What is Windows Prefetch? Windows Prefetch creates files when a user opens an application on a Windows host. The Windows Operating system...
3 min read
Emotet Changing Techniques
Phishing attacks remain the number one technique used in cyberattacks. Some of the most common phishing attacks leveraged attachments to...
1 min read
Cyberattacks On The Rise
As we look across the landscape, we see that cyberattacks continue to succeed in all business sectors. In the cases we have observed, the...
3 min read
What is Qbot / Qakbot
QBot, also known as Qakbot or pinkslipbot, is an information stealer that has been active since 2007. It is malware software that can...
4 min read
An Encounter with Pandora
Pandora ransomware came into the spotlight in March of 2022 after posting some high-profile victims on its leak site. The ransomware...
3 min read
What is Incident Response?
Incident response is a method for dealing with various forms of security events, cyber threats, and data breaches in an organized manner....
4 min read
Proxyshell Vulnerabilities
In Microsoft Exchange, the three known vulnerabilities that threat actors use to get initial access are often referred to collectively as...
2 min read
Incident Analysis
Despite the depth of implemented protection measures, cyber incidents are bound to happen at some time. An incident analysis process...
bottom of page