Last updated: 21st June 2024
Last updated: 21st June 2024
Updated: 6th June 2024
Navigating through a common incident use case.
Last updated: 29th May 2024
Understanding an attacker’s behavior and the tactics, techniques and procedures (TTPs) they use is vitally important to any investigation – it provides critical context that allows for more efficient and effective investigations. This context informs what response actions are appropriate, and improves short, and long-term, response outcomes.
Updated: 14th June 2024
The reality of modern incident response is that it’s not always possible to remotely connect with every one of your endpoints. Some assets are required to be standalone and others, such as laptops, some may have become faulty, and others may have been removed as they have been compromised by – or are actively under attack from – the very breach you want to investigate.
When a breach occurs one of the first questions the investigating team leader will want answered is, ‘how many of our assets could this potentially impact or has it already impacted?’
At Binalyze we’re always actively monitoring for the latest exploits and attack vectors. We’re also in constant conversation with our customers, discussing threats in the wild and sharing best practice.
In this article, we’re going to discuss the surge in Microsoft OneNote malware attack vectors that started popping up towards the end of January this year, and the potential threat they continue to pose for enterprise security.
The DFIR Lab team at Binalyze have their finger on the pulse of the cybersecurity ecosystem to ensure that our DRONE assisted compromise assessment module within AIR always includes the latest IOCs.
The awareness and practice of digital forensics has been with us for over 40 years and although often seen as a reactive activity, digital forensics is now proving to be a vital part of the cybersecurity stack and increasingly effective when deployed proactively.