May 23
Hunting Lazarus Group’s TTPs
Introduction
This aims to serve as a repo of procedures attributed to Lazarus Group activity that can immediately be actioned on by threat hunters given the right logs. Along with each TTP is at least one potential way to hunt for the activity. Let me be clear, you can run all…
Cti · 5 min read

Dec 18, 2022
Identifying Phishing Pages with Shodan
Methodology
In an effort to proactively identify phishing pages on the internet, I took to Shodan and started crafting queries to identify pages targeting Microsoft and Google. As with everything else in security, there is no silver bullet. …
Threat Intelligence · 5 min read