QEMU, MSYS2, and Emacs: Open-Source Solutions to Run Virtual Machines on Windows
As a tester, I do all my work inside a Virtual Machine (VM). Recently, I found myself in a situation where I needed to get a VM on a Windows […]
As a tester, I do all my work inside a Virtual Machine (VM). Recently, I found myself in a situation where I needed to get a VM on a Windows […]
A lot of emphasis and focus is put on the investigative part of SOC work, with the documentation and less glamorous side of things brushed under the rug. One such […]
This webcast was originally published on October 4, 2024. In this video, experts delve into the intricacies of DLL hijacking and new techniques for malicious code proxying, featuring a comprehensive […]
By Erik Goldoff, Ray Van Hoose, and Max Boehner || Guest Authors This post is comprised of 3 articles that were originally published in the second edition of the InfoSec […]
This webcast was originally published on September 26, 2024. In this video, Kevin Klingbile from Black Hills Information Security discusses the intricacies of Azure Cloud services and M365, focusing on […]
by Austin Kaiser // Intern Hacking a satellite is not a new thing. Satellites have been around since 1957. The first satellite launched was called Sputnik 1 and was launched […]
While DLL hijacking attacks can take on many different forms, this blog post will explore a specific type of attack called DLL proxying, providing insights into how it works, the potential risks it poses, and briefly the methodology for discovering these vulnerable DLLs, which led to the discovery of several zero-day vulnerable DLLs that Microsoft has acknowledged but opted to not fix at this time.
This webcast was originally published on September 12, 2024. In this video, Kirsten Gross and James Marrs discuss how logging strategies can affect cyber investigations, specifically focusing on Windows logs. […]
Changes to the msds-KeyCredentialLink attribute are not audited/logged with standard audit configurations. This required serious investigations and a partner firm in infosec provided us the answer: TrustedSec. So, credit where […]