Posted on 2020-10-26Josiah Smith
Cybersecurity Awareness Month was launched in 2004 as a broad effort to help all Americans stay safer and more secure online. Over the years, the program's themes have changed with technology and matured into a widespread initiative. This blog admires the effort of the security industry and governmental organization inspiring to create change and keep cyberspace safe. Read through a bit of history, steps to create a program, and a maturity model framework.
Posted on 2020-10-13Erik Pistelli
Reverse engineering malicious documents with Cerbero Suite. The Hacker's Multitool provides functionality to aid in a multitude of analysis needs. With support for Office Documents, PDFs, images, Email, RTF, and SDK is just the beginning. There is also the flexibility to analyze Windows memory and crash dumps or to integrate with Ghidra. For in-depth malware analysis, make sure to subscribe to their YouTube channel.
Posted on 2020-09-29Chris Morrow
InQuest Labs is one year old! Let's take a look at how the site has grown over the last year, the new API documentation, and what's in store for the future of Labs!
Posted on 2020-08-28Josiah Smith
Two common approaches are commonly used to help fulfill the requirement for protecting the security of an organization. Defense in depth describes the layered, redundant approach to cover a variety of attack vectors. Detection in depth describes the multiple detection points within an attack chain. In an effort to throw everything and the kitchen sink at the problems associated with cyber defense, InQuest has incorporated Detection in-depth methodologies alongside our intelligent orchestration in order to help Prevent, Detect, and Hunt the cyber-threats impacting our modern world.
Posted on 2020-08-15Josiah Smith
A while back we had an interesting alert generated from one of the InQuest DFI sensors that were initially very suspicious, but proved to be entertaining and still questionable regarding the true purpose of the activity. My initial suspicion was driven to an event highlighting an Image with an Embedded executable.