While DLL hijacking attacks can take on many different forms, this blog post will explore a specific type of attack called DLL proxying, providing insights into how it works, the potential risks it poses, and briefly the methodology for discovering these vulnerable DLLs, which led to the discovery of several zero-day vulnerable DLLs that Microsoft has acknowledged but opted to not fix at this time.
This webcast was originally published on September 12, 2024.  In this video, Kirsten Gross and James Marrs discuss how logging strategies can affect cyber investigations, specifically focusing on Windows logs. […]
Changes to the msds-KeyCredentialLink attribute are not audited/logged with standard audit configurations. This required serious investigations and a partner firm in infosec provided us the answer: TrustedSec. So, credit where […]
Recently in the SOC, we were notified by a partner that they had a potential business email compromise, or BEC. We commonly catch these by identifying suspicious email forwarding rules, […]
It is no surprise that growing your social network can help get your name out there and provide opportunities to advance your career. LinkedIn, one of the original career-focused networking […]
by Gerald Auger of Simply Cyber // Guest Author You want to break into cybersecurity? That’s AWESOME. I’ve been in the field for 20 years and I LOVE IT! But […]
| Bronwen Aker // Sr. Technical Editor, M.S. Cybersecurity, GSEC, GCIH, GCFE Go online these days and you will see tons of articles, posts, Tweets, TikToks, and videos about how […]
This article was originally published in the second edition of the InfoSec Survival Guide. Find it free online HERE or order your $1 physical copy on the Spearphish General Store. […]
This is the first installment in a series of blogs relating to practical analysis of wireless communications: what they are, how they work, and how they can be attacked. In […]
