Registry Analysis

When you see the words, “Registry analysis”, what comes to mind? Okay, now…what actually happens when we ‘do’ this thing we call “Registry analysis”? More often than not, what this refers to manifests itself as opening a Registry hive file…

From my Gartner Blog – Developing and Maintaining Security Monitoring Use Cases

My favorite Gartner paper has just been updated to its 3rd version! “How to Develop and Maintain Security Monitoring Use Cases” was originally published in 2016 as a guidance framework for organizations trying to identify what their securit…

Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset

Remember xHelper?

A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices—making it nearly impossible to remove.

xHelper reportedly infected over 45,000 devices last …

Going Beyond

As an industry and community, we need to go beyond…go beyond looking at single artifacts to indicate or justify “evidence”, and we need to go beyond having those lists of single artifacts provided to us. Lists, such as the SANS DFIR poster of a…

From my Gartner Blog – New Research on Threat Intelligence and SOAR

Since my blogging whip was gone I haven’t been posting as frequently as I’d like, but I realized we had recently published new versions of some of our coolest research and I completely missed announcing them here! So let me talk a bit about…

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devi…

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions

Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers.

According to Microsoft, both unpatc…

Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion

Though it’s not Patch Tuesday, Adobe today released a massive batch of out-of-band software updates for six of its products to patch a total of 41 new security vulnerabilities.

Adobe last week made a pre-announcement to inform its users of an upcoming…