Windows CrowdStrike BSOD Incident: Steps for Recovery and Mitigation

News
Posted on
Spread The Knowledge 😌
        

Spread The Knowledge 😌        On July 19, 2024, many organizations in the IT world encountered a Blue Screen of Death (BSOD) issue. While it was a work-free Friday for many folks, causing some initial excitement, this incident severely impacted airlines, banks, stock markets, and other businesses across the globe. Let’s dive deep to understand what happened, …

Read more “Windows CrowdStrike BSOD Incident: Steps for Recovery and Mitigation”

 
       

Crucial System Files That Can Be Leveraged by Threat Actors(Unexplored LOLBIN)

Information Security
Posted on
Spread The Knowledge 😌
        

Spread The Knowledge 😌        System files are integral to the smooth operation of your Windows operating system. However, when these files fall into the wrong hands, they can be leveraged for malicious purposes. In this blog, we will discuss their capabilities, and the potential threats they pose. ForFiles.exe Location: ‘C:\Windows\System32\forfiles.exe’ Supported Versions: Windows Vista onwards Capabilities: …

Read more “Crucial System Files That Can Be Leveraged by Threat Actors(Unexplored LOLBIN)”

Transforming Python scripts into .exe – a powerful factor of coding prowess.

Python
Posted on
Spread The Knowledge 😌
        

Spread The Knowledge 😌        When working in digital forensics, Python scripts are often essential for parsing digital artifacts. However, these scripts typically rely on multiple external modules, which can make them difficult to transport and execute across different environments. As an Incident Responder, having portable executables or batch files that can be run anywhere is crucial …

Read more “Transforming Python scripts into .exe – a powerful factor of coding prowess.”

Investigating a Data Exfiltration Scenario

Information Security
Posted on
Spread The Knowledge 😌
        

Spread The Knowledge 😌        Hi everyone, today I want to discuss a data exfiltration scenario I recently encountered during an investigation. As a security researcher, it’s crucial to identify and understand how attackers are stealing data. Unusual Network Traffic The initial red flag was unusual network traffic patterns, which often indicate potential data exfiltration. This triggered …

Read more “Investigating a Data Exfiltration Scenario”