Let's start this week with another #DCSO #CyTec article. 🥳 This time, our colleague 1nternaut 🕵️ shares his forensic kung regarding the newly released screenshot history feature in Microsoft's Edge browser with us. Check it out in the link below: medium.com/@DCSO_CyTec/mi… #dfir

The #DarkGate malware has updated its key log encryption scheme so perfect time for a: #ShortAndMalicious - DarkGate! We show you how the key is generated now, and we have released a set of tools to decrypt such files in addition. Check it out: medium.com/@DCSO_CyTec/sh…

We'll be there 🥳 We also have a ticket to #BruCON0x0F (28.9./29.9.) to give away - if you want it, retweet this post (and don't forget to follow so we can DM you) We'll pick a winner from the retweets at 2023-09-25 23:59 CEST

🎉 Just wrapped up an incredible time at #BruCon! 🌐🔐💡 The energy was off the charts, and the talks were nothing short of mind-blowing. 💬💥 Huge kudos to @BruCON for organizing an event where learning met fun! 🙌 Let's keep this cybersecurity momentum going! 💻🛡️ #CyTec 🦊

Our newest article provides a closer look at recent reporting on Volt Typhoon's "JDY" botnet management, which suggests that the threat actor uses Tor differently to what has been publicly documented so far. medium.com/@DCSO_CyTec/c4…

Users of #Ivanti Connected Secure appliances are currently affected by several security flaws. Our newest article provides an overview of the methods that can be employed to gather forensic evidence from Ivanti Connected Secure appliances. medium.com/@DCSO_CyTec/ov… #CyTec #DFIR

Außerdem: Die Experten von DCSO Deutsche Cyber-Sicherheitsorganisation konnten Kimsuky dabei beobachten, wie sie Daten ihrer Opfer auf Github hochgeladen haben – ob den Hackern bewusst war, dass man auf Github Daten wiederherstellen kann, ist unklar.

Our newest article delves into an intriguing #KONNI malware sample nested in a backdoored installer that we identified earlier this year and suspect to be part of #NorthKorea-linked activity targeting the Russian Ministry of Foreign Affairs. medium.com/@DCSO_CyTec/to… #CyTec #DCSO

Geolocating IP addresses 📌 can be difficult, and so-called geofeeds strive to streamline publishing precise information on an IPs physical location. But what if rogue ISPs use this to spread false information? Read more at medium.com/@DCSO_CyTec/4d… #DCSO #CyTec

The recent #XZBackdoor caused a lot of agitation in the Open Source Community. Today we publish a #ComprehensiveOverview what happened and how to check your system for affection. Read more at medium.com/@DCSO_CyTec/fb… #DCSO #DRIF #Cyber

Best sticker ever. #cti

DCSO's Incident Response Team unveils their open source ❤️ransomware recovery method for encrypted hypervisors. Discover how our experts help ransomware victims recover their most valuable data to restore their business operations. #DFIR #NoMoreRansom medium.com/@DCSO_CyTec/un…

Goooood morning everyone! Our team is looking for another Senior Technical Threat Researcher! So, check out our blog! Tell your friends and ping us if you awesome and interested! Check it out: dcso.de/job/senior-tec…

It's been a while! In our latest blog post we shed light on the #SafePay #ransomware which has been targeting 🇩🇪German organizations lately. You can read it here: medium.com/@DCSO_CyTec/sa…

🚨 How Fast You Detect - and Respond - Can Define the Outcome of a Cyber Incident 👉 Read more on our latest blog where we show how early detection and response made the difference medium.com/@DCSO_CyTec/ca…