We share our expertise to make the world a safer place.
InfoSec moves at a rapid pace and sometimes it’s hard to keep up—that’s where we enter the chat.
Discover current cybersecurity insights
Get vital information straight from the experts, without all the noise.
Pull Your SOCs Up
"It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts."-Sir Arthur…
Security Noise - Episode 7.2
What I Did At Hacker Summer Camp
Console Cowboys: Navigating the Modern Terminal Frontier
Master the command line with our top 18 tools, from productivity boosters to system monitors, to streamline your workflow and tackle legacy systems with…
How to Get the Most Out of a Pentest
TL;DRDefine the goal of an assessment.Take time to choose the right assessment type.The more detail you give about an asset, the better quality your report…
Putting Our Hooks Into Windows
We're back with another post about common malware techniques. This time we are talking about setting Windows hooks. This is a simple technique that can be used…
Security Noise - Episode 7.1
CrowdStrike After Action
When on Workstation, Do as the Local Browsers Do!
1 IntroductionWeb browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or…
Gobbling Up Forensic Analysis Data Using Velociraptor
Lately I have been working with Velociraptor for its endpoint and digital forensic capabilities and specifically spent time in many cases in the past two years…
The Hunter’s Workshop: Mastering the Essentials of Threat Hunting
As an incident unfolds, skilled threat hunters with a special talent for uncovering hidden threats stand at the ready. These hunters smoke jump into the chaos…
Understanding and Documenting PCI DSS Scope
As new PCI DSS guidance emerges, the expectations placed on auditors and the entities they assess are evolving. New requirement 12.5.2 defines scope…
Oops I UDL'd it Again
IntroductionPhishing. We all love phishing. This post is about a new phishing technique based on some legacy knowledge I had that can be used to get past email…
Must I TRA?: PCI Targeted Risk Analysis
Use of Targeted Risk Analysis (TRA) is a PCI best practice until March 31, 2025, at which time it becomes required for several controls across many assessment…
Loading...
Get our best blogs, latest webinars, and podcasts sent to your inbox.
Our monthly newsletter makes it easy to stay up-to-date on the latest in security.
