InQuest Blog
Posted on 2023-02-27Darren Spruell
Microsoft OneNote is a file type now entrenched in the ongoing saga of abused file formats leveraged by adversaries to reach through defenses and deliver malware payloads to end users. Recently, we have seen OneNote's sudden rise to prominence, following a pattern of other types of files used in the same capacity. Below are our insights into aspects of the threat landscape and tips organizations should consider to protect users and their data.
Posted on 2023-01-31Trevor Borden
ThreatIngestor is a flexible, configuration-driven, extensible framework for consuming threat intelligence. It can monitor Twitter, RSS feeds, and other sources, extract meaningful information like C2 IPs/domains and YARA signatures, then send that information to other systems for analysis.
Posted on 2023-01-03Isabelle Quinn
Posted on 2022-12-29Isabelle Quinn
Email hygiene in the world of security has to do with configuring a set of email authentication and verification methods that prove to ISPs and mail services that your sending servers are, in fact, authorized to send out email from your domains.
Posted on 2022-12-13Chase Sims and Nick Chalard
Those who keep tabs on ransomware are no doubt aware of the Black Basta ransomware group. They’ve gained their share of notoriety since some of the group’s malicious code was first detected back in April of 2022. What is interesting here today is that in just the past two weeks, Black Basta deployments are on the rise.