4n6research (@4n6research)'s Twitter Profile

ID: 722751736817954816

20-04-2016 11:40:16

330 Tweets

313 Followers

461 Following

Stroz Friedberg DFIR (@strozdfir)

🚨 Dive into our newest blog post: Detecting "Effluence" - an unauthenticated Confluence Web Shell 🕵️ Stroz Friedberg discovers a persistent backdoor installed by threat actors after exploiting Confluence vulnerabilities. This backdoor is accessible remotely without Confluence

Stroz Friedberg DFIR (@strozdfir)

🚨 Dive into our latest blog post: Remote Desktop Event Log Analysis - Variations In Logging For Event ID 1029 to understand the intricacies of event logs during lateral movement investigations Blog: aon.com/cyber-solution… #DFIR #IncidentResponse #Aon #StrozFriedberg

Stroz Friedberg DFIR (@strozdfir)

🚨 Gain insights into attack patterns observed across several incidents involving #Makop #ransomware Read more: aon.com/cyber-solution… #DFIR #IncidentResponse #Aon #StrozFriedberg

J. Burns Koven (@jburnskoven)

Our ransomware report is out today and it brings me no joy to share that 2023 was a record year in terms of ransoms paid — bringing us into the billions — a near doubling of 2022. 🧵1/6

Stroz Friedberg DFIR (@strozdfir)

Join our DFIR directors Partha Alwar and Carly Battaile for a forensic-focused Learning Lab at #RSAC2024 in San Francisco on May 9 at 8:30am PT. To view details on the session and reserve a seat visit aon.io/4aSsrrD #StrozFriedberg #DFIR #IncidentResponse #Aon #RSAC

Stroz Friedberg DFIR (@strozdfir)

If you're in San Francisco for #RSAC2024 tomorrow, check out Stroz Friedberg's talk "What A Cloud Bill Can Reveal" by Andre Maccarone at 10:50am PT. To view details on the session and reserve a seat visit aon.io/3xx4Cax. #StrozFriedberg #DFIR #IncidentResponse #Aon

Stroz Friedberg DFIR (@strozdfir)

Learn more about web privacy from Heidi Wachs and Mitch Green at our #RSAC2024 presentation, "Beyond Cookies: The Unseen Privacy Risks of Web Analytics" on May 9 at 9:40am PT. To view details on the session and reserve a seat visit aon.io/3JaXFOV #StrozFriedberg #DFIR

Stroz Friedberg DFIR (@strozdfir)

Join the Stroz Friedberg DFIR team during our three #RSAC2024 presentations on Thursday, May 9, 2024. Links: 1. Beyond Cookies: The Unseen Privacy Risks of Web Analytics - aon.io/3JaXFOV 2. What A Cloud Bill Can Reveal - aon.io/3xx4Cax 3. Learn to Forensicate:

Stroz Friedberg DFIR (@strozdfir)

Join Federico Cedolini at #BSides Pittsburgh on July 12th for his talk on "Exfiltrating your #M365 data with #OAuth Apps" to learn about mass data #exfiltration from M365 mailboxes. Learn more: bsidespgh.com/schedule #StrozFriedberg #DFIR #IncidentResponse #Aon

Stroz Friedberg DFIR (@strozdfir)

Rachel Kang will be speaking at #BSides Pittsburgh on July 12 about "The New Generation of #Phishing: Beyond the Mailbox". Her session will cover recent techniques in phishing and #BEC. Learn more: bsidespgh.com/schedule #StrozFriedberg #DFIR #IncidentResponse #Aon

Stroz Friedberg DFIR (@strozdfir)

Stroz Friedberg identified a stealthy #malware, dubbed “#sedexp,” utilizing Linux udev rules to achieve persistence and evade detection. This advanced threat, active since 2022, hides in plain sight while providing attackers with reverse shell capabilities and advanced

Threat Intelligence (@threatintel)

#ThreatProtection #Sedexp #Linux #malware uses #udev rules for persistence, read more about Symantec's protection: broadcom.com/support/securi…

BleepingComputer (@bleepincomputer)

Stealthy 'sedexp' Linux malware evaded detection for two years - Bill Toulas bleepingcomputer.com/news/security/…

Stroz Friedberg DFIR (@strozdfir)

🚀 Exciting Early Careers Opportunity in #DFIR! 🚀 Love solving puzzles? Want to be on the front lines of investigating cyber investigations? Kickstart your career with our Stroz Friedberg Digital Forensics and Incident Response practice! Our Cyber Associate Program is a

Stroz Friedberg DFIR (@strozdfir)

In our latest blog, 'Bypassing EDR through Retrosigned Drivers and System Time Manipulation,' we explore a new variation of a technique used by ransomware groups to bypass EDR and obscure malicious activities by leveraging expired code signing certificates to load malicious

Stroz Friedberg DFIR (@strozdfir)

🚀 Exciting Internship Opportunity in #Cybersecurity🚀 Kickstart your cybersecurity career with Aon through our Cyber Summer Associate Program! Whether you're interested in Digital Forensics and Incident Response (DFIR), Security Testing, or Security Advisory, this is your chance

Stroz Friedberg DFIR (@strozdfir)

In our latest blog, 'Mounted Guest EDR Bypass,' we explore a technique used by a ransomware group to bypass Endpoint Detection and Response (EDR) protections. Read more here: aon.io/3Vgdf2f #DFIR #IncidentResponse #StrozFriedberg #Aon #Ransomware

Stroz Friedberg DFIR (@strozdfir)

Stroz Friedberg has released a Python script that processes Jenkins job and plugin configurations, extracting key attributes into a CSV file to help identify suspicious activity. Read more here: aon.com/en/insights/cy… GitHub link: github.com/strozfriedberg… #Aon #StrozFriedberg

Stroz Friedberg DFIR (@strozdfir)

Stroz Friedberg has released Quick ESXi Log Parser (QELP), an open-source tool to swiftly parse ESXi logs and identify suspicious activities. Learn more about how QELP can enhance your DFIR investigations. Read more: aon.com/en/insights/cy… GitHub: github.com/strozfriedberg… #Aon

Stroz Friedberg DFIR (@strozdfir)

We are excited to announce that Stroz Friedberg DFIR is set to join LevelBlue as part of a definitive agreement to acquire Aon’s Cybersecurity and Intellectual Property (IP) Litigation consulting groups. This marks a new chapter for us, enhancing our offerings and allowing us to