Intelligence Analyst

Tony Lambert

Tony is a professional geek who loves to jump into all things related to detection and digital forensics. After working in enterprise IT administration and detection engineering for several years, he now applies his DFIR skills to research malware, detect malicious activity, and recommend remediation paths. Tony is a natural teacher and regularly shares his findings and expertise through blogs, research reports, and presentations at conferences and events.
 
The Goot cause: Detecting Gootloader and its follow-on activity
 
KMSPico and Cryptbot: A spicy combo
 
When Dridex and Cobalt Strike give you Grief
 
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
 
Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight
 
Chain Reactor: Adversary Simulation on Linux
 
Hunting for GetSystem in offensive security tools
 
ATT&CK® Deep Dive: Rootkits