-
MFA Bypass – how frameworks like Evilginx are giving threat actors the tools to succeed.
Hopefully it is well known by now that two-factor/multi-factor authentication (MFA) is not a silver-bullet to all your cyber problems. The tooling – Evilginx I previously wrote about Evilginx and how we are starting to see it more and more, even though the original tool was developed back in 2017: https://github.com/kgretzky/evilginx2 What is it? Evilginx…
-
The anatomy of a forensic investigation
Yesterday some of the Gridware DFIR team had the pleasure of visiting and presenting to the Clyde & Co cyber team on the anatomy of a forensic investigation. Thanks for having us!
-
Gridware Insights Episode 1
The first episode of #GridwareInsights!! Check it out below.
-
Latitude Finance: cyber incident update
Latitude Finance have confirmed that the threat actor responsible for the breach to their systems has requested a ransom payment to prevent the leakage of data exfiltrated [ransom amount yet to be disclosed]. Further information is yet to come;
-
TAFE NSW Institute of Applied Technology (IAT) opening
Excited last night to attend the opening event for TAFE NSW’s new Institute of Applied Technology. TAFE have worked with Microsoft, Macquarie University and University of Technology Sydney to develop micro-skill and micro-credential courses for people to get the skills required for junior roles in tech including cyber, AI, data analytics. All at an affordable…
-
CISA’s new tool: Untitled Goose Tool
Cybersecurity & Infrastructure Security Agency (CISA) have published a new tool to assist responders to detect malicious activity in Microsoft Cloud environments (Azure) using multiple sources for analysis; Azure sign in, Azure audit, M365 unified audit log, Microsoft Defender for IoT, Microsoft Defender for Endpoint Links: https://github.com/cisagov/untitledgoosetool https://www.cisa.gov/resources-tools/resources/untitled-goose-tool-fact-sheet
-
BreachedForums operator “Pompompurin”
Notorious Pompompurin has allegedly been arrested with charges of computer crime: https://news.bloomberglaw.com/privacy-and-data-security/dark-web-breachforums-operator-charged-with-computer-crime RIP 💀
-
Institute of Applied Technology (IAT) Digital site-visit
Was great to be invited today to visit TAFE’s latest site, the Institute of Applied Technology (IAT) at Meadowbank. https://www.tafensw.edu.au/iat This campus has a focus on technology specific courses, which have been developed in partnership Microsoft, Macquarie University, and the University of Technology Sydney (UTS). So glad to see all the investment NSW Government is…
-
Change of blog intent
Whilst I’ve had this blog up and running for a while now, with the original intent of regularly writing articles, blogs and research, I have come to realise now a year later that this is maybe not my desire. Time constraints are one thing, but with the prevalence of ChatGPT, I don’t just want to…
NPD4n6: Nicks DFIR blog 