Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Putting Our Hooks Into Windows
We're back with another post about common malware techniques. This time we are talking about setting Windows hooks. This is a simple technique that can be used…
When on Workstation, Do as the Local Browsers Do!
Introduction: Web browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or…
Gobbling Up Forensic Analysis Data Using Velociraptor
Lately I have been working with Velociraptor for its endpoint and digital forensic capabilities and specifically spent time in many cases in the past two years…
The Hunter’s Workshop: Mastering the Essentials of Threat Hunting
As an incident unfolds, skilled threat hunters with a special talent for uncovering hidden threats stand at the ready. These hunters smoke jump into the chaos…
Oops I UDL'd it Again
Introduction: Phishing. We all love phishing. This post is about a new phishing technique based on some legacy knowledge I had that can be used to get past email…
Must I TRA?: PCI Targeted Risk Analysis
Use of Targeted Risk Analysis (TRA) is a PCI best practice until March 31, 2025, at which time it becomes required for several controls across many assessment…
Execution Guardrails: No One Likes Unintentional Exposure
Introduction: A hopefully rare scenario that gives red teamers a mini heart-attack is a sudden check-in from a new agent: admin on ALICE-PC. If a blue teamer…
Government Contractor’s Ultimate Guide to CUI
Figure 1: Every government contractor when they hear about CUI. Contractors and subcontractors working for the US Federal Government (as well as some other…
Specula - Turning Outlook Into a C2 With One Registry Change
There exist a few singular Registry changes that any non-privileged user can make that transform the Outlook email client into a beaconing C2 agent. Given that…
Lapse of Control: Applauding PCI SSC for FAQ 1572
I want to applaud the PCI Security Standards Council (PCI SSC) for FAQ 1572 published in March of 2024 for simply and effectively answering a question asked by…
What is Your Compliance Kryptonite?
Have you ever felt frustrated about security compliance? Well, you're not alone. We've all got some kind of 'Kryptonite' when it comes to Compliance. I asked…
Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks
This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research…