The Building Blocks of Cloud Identity Detections Pt. 1

Cloud-first enterprises increasingly rely on Identity Providers (IdPs) like Azure AD and Okta as their new perimeter, but many SOCs are only just catching up. Without strong identity-focused monitoring, attackers can quietly slip in with stolen credentials or session cookies and move laterally between cloud apps. Cloud-based identities are an…

WannaHusky Malware Analysis Report - PMAT Final

In this post is my analysis of a provided sample at the end of my Practical Malware Analysis and Triage course from HuskyHacks / Matt Kiely. The binary is benign and was used to further familiarize myself with the tools and techniques learned throughout the course. I really enjoyed the course…

SANS Holiday Hack 2024

This year I worked to complete challenges in the SANS Holiday Hack event for the first time. I managed to keep up mostly through the prologue and the first two acts; priorities shifted, and needing to study for my upcoming Practical Malware Research Professional exam led me to choose not…

Huntress CTF 2024 Write-up

This is my first time participating in an actual capture-the-flag event, and I am definitely happy to have gotten as far as I did. I worked alongside a team of colleagues at my work, so I did not solve every challenge myself (not for lack of trying). Throughout my work…

Understanding Adversary-in-the-Middle (AiTM) Phishing as a SOC Analyst

It’s 2024 — anybody who has ever worked in a corporate role at some point understands what phishing is at a basic level. It starts with receiving an inconspicuous email, clicking the link, entering your credentials, and immediately the security team is calling you to assign multiple hours of phishing…