Moritz Oettle (@moettle.bsky.social) (@moettle_) 's Twitter Profile
Moritz Oettle (@moettle.bsky.social)

@moettle_

moettle.bsky.social
infosec.exchange/deck/@moettle

Incident Response | Digital Forensics

Check out my new DFIR blog: dfir-delight.de

ID: 1392466651493421066

12-05-2021 13:08:51

55 Tweet

53 Followers

147 Following

Michael Eder @edermi@infosec.exchange (@michael_eder_)

Oh wow, a new blog post! Disclosing some VMware vulnerabilities (UEM exportable certificate and reflected XSS on vmwareidentity[.]de): edermi.github.io/post/2021/vmwa…

Florian Roth ⚡️ (@cyb3rops)

Introduction to THOR Lite - Slides: what is THOR? - Custom IOCs and YARA rules - Live demo Video (54min) youtube.com/watch?v=C0absU… (still bothered by every slip of the tongue & "em", but in this quality I can produce much more content & cover many more topics)

Moritz Oettle (@moettle.bsky.social) (@moettle_)

Just published new #Confluence CVE-2021-26084 IoCs based on multiple exploited Linux Servers: github.com/hvs-consulting… Please patch your vulnerable Confluence appliances! There is zero tolerance for internet facing applications not being patched!

Florian Roth ⚡️ (@cyb3rops)

A few days ago a German gov agency just queried their IOC mgmt platform for "Russia", exported ~17,000 IOCs (some of them from 2007) including IP addresses(!) and sent them to hundreds of recipients. That's what I call an IOC cluster bomb, causing panic and wasting analyst time.

Moritz Oettle (@moettle.bsky.social) (@moettle_)

I am excited to announce the launch of my new blog, DFIR Delight ➡️ dfir-delight.de Check it out and stay tuned for next week's post on how to read and write threat reports #DFIR #CyberSecurity #CyberSec #DFIRDelight #DigitalForensics #IncidentResponse #BlueTeam

Moritz Oettle (@moettle.bsky.social) (@moettle_)

🚀 Exciting news! My third blog post is live now. This time, I'm diving deep into the world of threat reports, specifically focusing on "Reading and Writing Threat Reports." dfir-delight.de/p/threat-repor… #DFIR #DFIRDelight #DigitalForensics #IncidentResponse #MISP #YARA #SIGMA

Moritz Oettle (@moettle.bsky.social) (@moettle_)

We recently published new #BlackBasta IOCs gained during an Incident Response assessment. The IOCs disclose various C2 IPs and domains of an ongoing Black Basta campaign. You can find a description and a link to the IOCs here: dfir-delight.de/p/black-basta-… #Ransomware #C2

Michael Eder @edermi@infosec.exchange (@michael_eder_)

Some time ago, I found a vulnerability in a customer's remote access (Citrix) configuration that allowed bypassing MFA under certain conditions. If you're interested, here are the details: edermi.github.io/post/2024/mfa_…

Michael Eder @edermi@infosec.exchange (@michael_eder_)

NFS has not received much attention from the offensive security community in nearly a decade. Today, we are happy to share our research on the topic: hvs-consulting.de/en/nfs-securit…. I'll give you a short overview in this thread 🧵 (1/5) #redteam #pentest

Moritz Oettle (@moettle.bsky.social) (@moettle_)

Happy to announce my new blog post highlighting the importance of Incident Coordination: The Heart of every Incident: Incident Coordination dfir-delight.de/p/incident-coo…