Threat Hunting Takes Maturity First, how are threat hunting and incident response different? Any incident response typically follows the same broad pattern: get an alert of some unusual activity on your network, look for the source of the alert, and then take preventative action, if necessary. Threat hunting also means looking for problems and taking preventative action, but the process starts without an…
Let us show to you a method to execute code in MS Word without enabling macros. This is a very simple approach to run a remote code on a targeted user. First, create a new word document, and then insert the domain: select = (Formula) Right click and change the field code Code Department changed: 1 {DDEAUTO c:\\windows\\system32\\cmd.exe “/k calc.exe” …
Today, BleepingComputer discovered a new variant of the CryptoMix ransomware that appends the .FILE extension to encrypted files and changes the contact emails used by the ransomware. In this article I will provide a brief summary of any changes that have occurred in this new variant. As we are always looking for weaknesses, if you are a victim of this variant and decide to…
