Following the RTM
Researchers became aware of the activities of the RTM group in December 2015. Since then, phishing emails distributing the t…
-
SQM: New Evidence of Execution Source?
Forensicating one of compromised hosts during our recent incident response activities we h…
-
50 Shades of Ransomware
Ransomware is still one of the most common types of malware deployed during cyberattacks. …
-
Tools up: the best software and hardware tools for computer forensics
Igor Mikhailov is a digital forensic analyst of the digital forensic laboratory at Group-I…
Cyber Forensics Blog
Using MITRE ATT&CK for Forensics: Image File Execution Options Injection (T1183)
As was promised, we continue our Using MITRE ATT&CK for Forensics series. This time we are going to discuss another pers…
Using MITRE ATT&CK for Forensics: WMI Event Subscription (T1084)
First of all, I would like to thank all of those who liked and retweeted the previous article from this series, BITS Jobs (T…
The PoSh Hunter CTF
If you want to test your PowerShell skills and interested in threat hunting – the PoSh Hunter CTF is for you. …
Show More News
