AmCache artifact: forensic value and a tool for data extraction
Introduction
When it comes to digital forensics, AmCache plays a vital role in identifying malicious activities in Windows systems. This artifact allows the identification of...
More .well-known Scans – SANS Internet Storm Center
I have been writing about the ".well-known" directory a few times before. Recently, about attackers hiding webshells , and before that, about the purpose...
Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms – Krebs on Security
U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a...
Salesforce’s trusted domain of doom • Graham Cluley
Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed “ForcedLeak”, let them...
The D.R. Incident – Darknet Diaries
Full Transcript
Omar Avilez worked in the CSIRT of the Dominican Republic when a major cyber security incident erupted. Omar walks...
Gamaredon X Turla collab
In this blogpost, we uncover the first known cases of collaboration between Gamaredon and Turla, in Ukraine.
Key points of this...
