Phishing Email Analysis

They clicked the link!

An alert for a phishing email is received where a user clicked a link! Joy. This is how I, and most other analysts like me, start our days. Usually with some measure of fire, and an equal degree of uncertainty as to the scope of impact. Phishing emails are fairly... [Read More]
Tags: Blue Team, Analyst, From the trenches

Email Compromise Analysis

From the trenches

“This is an automated notice from Exchange Online Protection.” Great, that’s exactly the type of email everyone wants to see first thing in the morning. This could be usurped in popularity only by a robocall. That would certainly have the potential to get me excited before my first cup of... [Read More]
Tags: Blue Team, Analyst, From the trenches

IOT (In)Security

What could possibly go wrong?

We live in a society that is rapidly increasing its technological profile for the purposes of increased convenience. We are connecting our fridges, thermostats, security cameras, and even some children’s toys to the internet for various individual reasons that all boil down to an increase of convenience and in some... [Read More]
Tags: IOT

APT Research

It's not just Bears that roam these woods.

Introduction: Traditionally, networks have always had a border that would protect the inner systems and users of that network, and that was defended by a firewall and a team of network security professionals. In today’s age, however, that network border has been slowly disappearing with the rise of cloud computing,... [Read More]
Tags: Offense, Nation State, APT