Mining off the Land: Cryptomining Enabled by Native Windows Tools

A lesson I learned early in my career is that technology professionals often inherit older problems. This is especially true of administrators responsible for network services and security because they inherit the biggest snowball of problems: an enterprise network. Networks often grow in ways that make them harder to secure and maintain as they age, […]

Tried-and-True Tactics: How an Adversary Mixed Lateral Movement and Cryptomining

Cryptomining continues to be a hot topic as the values of cryptocurrencies fluctuate, and adversaries use mining as an easy way to make money without needing escalated privileges. In my last detection post, I wrote about mining as the objective of exploitation against Oracle WebLogic systems. In this detection, we’ll look at how one adversary […]

Windows Registry Attacks: Knowledge Is the Best Defense

Let’s talk about the Windows registry… yes, that mysterious and oh-so-dangerous piece of the Windows operating system that we were warned against messing with from the moment we booted up our first PC. Turns out, the Windows registry is not as scary as everyone makes it out to be. Granted, if you do not know what […]