**Castle and Sand is a KC7 module that I recommend to anyone once they become comfortable with Kusto Query Language (KQL). My objective in this write-up is to provide additional context on what a S...

Introduction Disclaimer: This content is intended for educational and research purposes only. Do not download or interact with malware without appropriate safeguards and precautions. To bridge ...

Disclaimer: This article is for research and educational purposes. Do not visit phishing websites without proper precautions. To recap the previous section, I found a pattern in how the E-ZPass si...

Disclaimer: This article is for research and educational purposes. Do not visit phishing websites without proper precautions. Did you ever get those text messages saying you have a package waiting...

Over the past month, I’ve been introduced to a bunch of threat intelligence tools and resources, and one question has been floating around my head: How the hell do I homelab this? Many companies ta...

Critical Compromise in Chicago—ICS takes inspiration from a real-life cyberattack in 2015 in Ukraine. I highly recommend Andy Greenberg’s book, Sandworm, for a gripping account of the malware used ...