Employing FeatureUsage for Windows 10 Taskbar Forensics

Research into a registry artifact known as ‘FeatureUsage’ and how it can be used in digital forensics investigations.

Finding, Hunting and Eradicating Spicy Hot Pot, a Persistent Browser Hijacking Rootkit

Investigation into a persistent browser hijacking rootkit known as ‘Spicy Hot Pot’.

Malicious Self-Extracting Archives, Decoy Files and Their Hidden Payloads

Analysis of an empty SFX archive with hidden functionality to allow it to be used as a backdoor.

Detection Guidance for ConnectWise CVE-2024-1709

How to detect exploitation of ConnectWise CVE-2024-1709.

Advanced Persistent Threat Targeting Vietnamese Human Rights Defenders

Finding an APT which had been present in an environment for years and analysing their malware.

Oh No Cleo!

Oh No Cleo! Cleo Software Actively Being Exploited in the Wild

Investigation into a 0-day present in Cleo software that was actively being exploited in the wild.

Oh No Cleo! Malichus Implant Malware Analysis

Deep dive investigation into an implant targeting Cleo software which we named ‘Malichus’.
