EDR – Endpoint Detection and Response

In the ever-evolving landscape of cybersecurity, protecting endpoints—such as laptops, desktops, and servers—is crucial. One of the most effective tools for safeguarding these devices is Endpoint Detection and Response (EDR). This article explains what EDR is, how it works, and why it is essential for modern cybersecurity. What is EDR? Endpoint Detection and Response …

GitHub Actions Supply Chain Attack

The recent GitHub Actions supply chain attack was a multi-layered, targeted compromise that initially focused on Coinbase before escalating into a widespread incident affecting thousands of repositories. The attack exploited CI/CD misconfigurations and leveraged leaked Personal Access Tokens (PATs) to gain unauthorized access, potentially leading to data breaches and code tampering. The …
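Whether a compromised action can silently reach the workflows that consume it depends on how those workflows reference it: a Git tag or branch name can be moved to a different commit by anyone with write access to the action repository, while a full 40-character commit SHA cannot. The check below is an added example, not code from the original post or from any of the projects involved in the incident; it scans a workflow file for `uses:` references and flags every one that is not pinned to a full commit SHA. The workflow text and the action names in it are constructed for the example, and the SHA shown is a placeholder, not a real commit.

```python
import re

# Constructed sample workflow (not from the original page). The SHA on the first
# action is a placeholder, not a real commit; the other action names are invented.
SAMPLE_WORKFLOW = """\
name: ci
on:
  pull_request:
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v4 (placeholder SHA)
      - uses: example-org/lint-action@v2
      - uses: example-org/setup-tool@main
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.20
      - run: make test
"""

# Matches `uses:` at step level or at job level (reusable workflows); stops at
# whitespace or a trailing `# version` comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def classify_ref(uses):
    """Return 'pinned', 'mutable', or 'skip' for one `uses:` value.

    'skip' covers local actions (./path) and docker:// images, which are not
    fetched from a GitHub repository by ref. Anything without a full 40-hex SHA
    after '@' (tags, branches, abbreviated SHAs, or no ref at all) is 'mutable'.
    """
    if uses.startswith("./") or uses.startswith("docker://"):
        return "skip"
    if "@" not in uses:
        return "mutable"
    ref = uses.rsplit("@", 1)[1]
    return "pinned" if FULL_SHA_RE.match(ref) else "mutable"


def find_unpinned(workflow_text):
    """Return [(line_number, uses_value), ...] for every action reference that
    is not pinned to a full commit SHA, in file order."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        uses = m.group(1)
        if classify_ref(uses) == "mutable":
            findings.append((lineno, uses))
    return findings


if __name__ == "__main__":
    for lineno, uses in find_unpinned(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {uses} is not pinned to a full commit SHA")
```

Abbreviated SHAs are deliberately flagged alongside tags and branches: only a full 40-character SHA identifies exactly one commit. Pinning does not help if the pinned commit itself was already malicious, so the SHA should be reviewed once when it is introduced and then updated deliberately rather than followed automatically.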

Incident Response Tabletop Idea

This is a scenario-based incident response tabletop that I worked on with a colleague. I wanted to share it with the world, as I have had immense success with it. It amazes me how a simple dice roll really draws people into the event. It sounds silly, but the sense of chance adds so …

Hacker Video – Analyzing Meterpreter with Redline

A victim VM has been deliberately infected with Meterpreter via an IE exploit. The video shows copying a Redline collector to the victim to extract forensic artifacts and save them to a network share. The artifacts are then transferred to an analysis workstation over SFTP and opened in Redline. The analysis starts at the highest malicious score to …