DFIR
-
North Korea’s Secret Army: How DPRK IT Workers Infiltrated 300+ US Companies
North Korean government operatives are posing as remote IT workers inside Western companies, funnelling salaries…
-
Windows Event Log IDs Every Blue Teamer Should Know
There are hundreds of Windows Event IDs but you really only need about 30 of…
-
Unveiling the Snake Infostealer: How It Spreads Through Facebook Messenger
In early 2024, researchers at Cybereason uncovered a new threat targeting Facebook users — a…
-
Server Message Block (SMB) 101: The Protocol That Keeps Getting Abused
SMB — Server Message Block — is one of those protocols that most Windows users…
-
Domain Name System (DNS) Logs 101: The Defender’s Underrated Data Source
If you ask most security analysts what their most valuable data source is, they’ll say…
-
PIKABOT: The Malware That Stepped Into QakBot’s Shoes
When law enforcement took down QakBot in August 2023, many in the security community wondered…
-
Delving Into the Mark of the Web: Windows’ Hidden Security Boundary
There’s a little-known security feature built into Windows that quietly influences whether a file you…
-
Exploring RDP Logs: What They Tell You and Why You Should Care
Remote Desktop Protocol (RDP) is one of the most widely used — and most abused…
About Author

Subhash Thapa
Security Analyst (SOC, AI, MDR & IR) | CEH | CCSP | CCIO | CSFPC
Latest Posts
Weekly threat intel, straight to your inbox
Free. No noise. Unsubscribe anytime.






