Posted on 2020-10-13 by Erik Pistelli
Reverse engineering malicious documents with Cerbero Suite. The Hacker's Multitool provides functionality to aid in a multitude of analysis needs. Support for Office documents, PDFs, images, email, RTF, and an SDK is just the beginning. There is also the flexibility to analyze Windows memory and crash dumps or to integrate with Ghidra. For in-depth malware analysis, make sure to subscribe to their YouTube channel.
Posted on 2020-09-29 by Chris Morrow
InQuest Labs is one year old! Let's take a look at how the site has grown over the last year, the new API documentation, and what's in store for the future of Labs!
Posted on 2020-08-28 by Josiah Smith
Two approaches are commonly used to help fulfill the requirement of protecting the security of an organization. Defense in depth describes a layered, redundant approach that covers a variety of attack vectors. Detection in depth describes multiple detection points within an attack chain. In an effort to throw everything and the kitchen sink at the problems associated with cyber defense, InQuest has incorporated detection-in-depth methodologies alongside our intelligent orchestration in order to help prevent, detect, and hunt the cyber threats impacting our modern world.
Posted on 2020-08-15 by Josiah Smith
A while back we had an interesting alert generated from one of the InQuest DFI sensors that was initially very suspicious, but proved to be entertaining and still questionable regarding the true purpose of the activity. My initial suspicion was driven by an event highlighting an image with an embedded executable.
Posted on 2020-07-27 by Josiah Smith
While we come across fresh and evasive document carriers on a regular basis, it's not every day we see one with great polish. On July 20th we broke down the individual components of a malicious Office document and drove some collaboration within the Twitter thread.