Christian Taillon | No Need to Panic: The Linux Kernel Panic CrowdStrike Issue | For about a week, I’ve noticed a sub-topic trend in the news articles and discussions regarding CrowdStrike’s infamous Blue Screen of Death… | Jul 30
Christian Taillon | QakBot Detection: DUCK HUNT | In Russia, Ducks hunt you. | Jun 28, 2022
Christian Taillon | Part-time Threat Hunting: Considering its Efficacy | This article is my response to two excellent blog posts by the Crowdstrike Overwatch team making the case against part-time threat hunting… | Jan 4, 2023
Christian Taillon | QakBot Hunting: Autumn Spice | Autumn marks the beginning of the return of many familiar experiences. Familiar Halloween movies return to the screen; charming Fall time… | Oct 4, 2022
Christian Taillon | QakBot Detection: DUCK HUNT Part 2 — The .LNK | As promised in Part 1 of QakBot Detection: DUCK HUNT, we have a few more concepts to examine regarding the QakBot malware. In Part 1, we… | Jul 13, 2022
Christian Taillon | Prophet Spider Exploits Citrix ShareFile to Deploy Webshell | The adversary group nicknamed Prophet Spider by Crowdstrike has chosen a new vulnerability to include in its exploitation tool kit. This… | Mar 18, 2022
Christian Taillon | What do we actually know about the Darkside Ransomware operators? | You have likely heard a great deal about attacks on U.S. companies from Russian hacking groups such as Darkside's attack on Colonial… | Jun 7, 2021
Christian Taillon | GitHub Actions Abuse by Cryptominers | Adversaries are abusing GitHub Actions to run known Cryptominers. GitHub Actions is a CI/CD solution to run scheduled tasks and provide… | Apr 5, 2021