This project simulates a Tier 1 SOC investigation using Splunk. The investigation focuses on a high-severity alert involving suspicious login activity, obfuscated PowerShell execution, and outbound ...
PsExec is a Windows remote execution utility for admins to launch processes, manage systems, and automate tasks across networked PCs. It is part of the Sysinternals suite and is commonly used when ...
When I’m using my Microsoft Windows Servers remotely, I still use the built-in Remote Desktop Protocol (RDP) that ships with Windows. That’s because it’s fast, I can pass through my mic and sound, and ...
Spread the love“`html In the digital age where collaboration and productivity are paramount, Microsoft 365 has emerged as a powerhouse. For businesses of all sizes, being able to efficiently add users ...
Prinz Eugen ransomware targets recently modified files first and skips ransom notes, exposing backup, EDR, and incident ...
ThreatsDay Bulletin covers this week’s cyber threats, from phishing and ransomware to exposed AI systems, sandbox flaws, and ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Parallels, a leading global provider in virtualization and end-user computing (EUC) solutions, today announced a significant update to Parallels RAS (Remote Application Server), introducing a new ...
At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t look like that is going to change anytime soon. We’re now into June and the ‘fix’ attacks have ...