Check out my first blog contribution here where we discuss a recent intrusion my team investigated, from an initial access Gootloader infection, 2nd stage payloads, and lateral movement to credential access. Super proud of this! https://t.co/aIcctOQpW3
Business Email Compromise (BEC) attacks are becoming increasingly common. Register for our next #webinar where we will cover:
📥Microsoft 365 License levels
📈Log sources and accompanying data
🔎Common evidence locations https://t.co/CP8tQE0ze2
@kirbytypes @StevenErwin
Business Email Compromise (BEC) can threaten an organization's security at any level. During our next webinar, our experts will cover how to pinpoint critical logs and artifacts essential for detecting suspicious BEC activities. Register now! https://t.co/PHRebKxLUW
I don't post on here much, but figured since this is my "professional" account, I would share that I'm thrilled to have joined the @TrustedSec DFIR & Threat Hunting team back in May! It's been a great couple months so far, with lots of learning ahead of me. Truly thankful!
A massive data breach at AT&T exposed the data of "nearly all" of its customers. Incident Response Practice Lead Tyler Hudak spoke with Scripps News about what type of data could have been compromised and steps you can take to protect yourself. Watch now! https://t.co/R44YaB1Ann
🚀DFIR Labs CTF🚀
Our next CTF will be July 6, 16:00 – 20:00 UTC.
➡️Only $9.99 to join!
➡️Choose Elastic or Splunk as your SIEM
➡️Join our DFIR Labs CTF Discord Server
➡️Top 3 players win free swag!
Register: https://t.co/K7h3FX3KKf
More info: https://t.co/r0aat9qDjQ
Was offline for 3 days for personal stuff, wtf is "Xmail", why is LE cosplaying as a TA, why does Optum seemingly touch everything, and what in god's name is going on with U.S. mobile carriers????
🎉Happy International Enable Sysmon and 4688 Auditing Day🎉grab yourself a slice of cake, chat to a colleague about it, bring it up at your all hands company meeting, talk to your kids about the most exciting day in the cyber calendar - https://t.co/0IZpURUmy7
@ngochuynguyen @Kostastsale Ok yeah, but these vulnerabilities (for the most part) aren't being discovered by TAs first - many of these have been internal disclosures on review. Also it's pretty crazy to equate all of these together when there are clear top runners for continuously vulnerable code.