• Detection Surface Series: 1) Loggable to Detectable

    The basic activity diagram of security logging is as follows: [Figure: logging activity diagram] Note that there are many steps involved in this process. It all starts with, “do we even really want to log and monitor this activity?” In a hypothetical world, a security professional’s dream answer would be, “Yes, and every single action that may represent a security relevant event should indeed be logged.”

  • Malware Analysis - Zloader

    Campaign Information

    In September 2021, I came across a (then) recent sample of Zloader. After finishing most of the static analysis steps, I noticed there was already existing research on this by SentinelOne, but I thought carrying on with the analysis would be good practice and a good use of my time. [Figure: Zloader VirusTotal graph]

  • Book Review - Incident Response Techniques for Ransomware Attacks

    A comprehensive Ransomware Tactics summary with a wealth of Digital Forensics insights 🔍

    Understand modern ransomware attacks and build an incident response strategy to work through them - by Oleg Skulkin