Hunting Specula C2 Framework and XLL Execution

Specula is a framework that allows for interactive operations of an implant that runs purely in the context of Outlook. It works by setting a custom Outlook homepage via registry keys that ...
Detection Rules & MITRE ATT&CK Techniques

We Can Do Better. As a Detection Engineer and Threat Hunter, I love MITRE ATT&CK and I wholeheartedly believe that you should too. However, there’s something about the way that some folks leverage MITRE ...
Linux Detection Opportunities for CVE-2024-29510

Overview. A remote code execution (RCE) vulnerability in the Ghostscript document conversion toolkit, identified as CVE-2024-29510, is currently being exploited in the wild. Ghostscript, which comes pre-installed on many Linux distributions, is used ...
Threat Hunting in Smart SOAR

In modern cybersecurity operations, threat hunting has become an essential proactive defense strategy. Leveraging Security Orchestration, Automation, and Response (SOAR) playbooks enhances this activity, making it more efficient and effective. This blog ...
Demystifying Okta Attacks with Dorothy and Splunk

https://github.com/elastic/dorothy Overview. Okta is a leading identity and access management (IAM) platform designed to help organizations securely manage and streamline user authentication and authorization. It provides a comprehensive suite of services, including single sign-on ...
Detecting CVE-2024-32002

Detecting CVE-2024-32002 Git RCE. Introduction. Cloning a Git repository without thoroughly reviewing the code is a common practice, but it can lead to severe consequences if you’re running a version of Git (prior ...
A Detection Engineer’s Guide to SCCM Misconfiguration Abuse

Overview. System Center Configuration Manager (SCCM), now known as Microsoft Endpoint Configuration Manager, is a comprehensive management solution for deploying, managing, and maintaining Windows-based devices and systems within an organization. It allows IT ...
Hunting Operation FlightNight TTPs

Overview. Operation FlightNight is one of the latest large attacks utilizing ISOs to trick users into executing malware. This form of phishing has become common over the last few years and is showing ...
Hunting Impacket — Part 3

Overview — Enumeration/System Tools. Welcome back. This is part three of our blog series covering the Impacket example tools. Impacket is a collection of Python classes focused on providing tools to understand and manipulate ...