Extracting Quarantine Files from Windows Defender
Recently, I got an incident in which Windows Defender detected and quarantined a file related to some backdoor. The MDE alert details show something like this: Usually, we go with the…
Recently, I saw a person asking a question in one of the Telegram groups that I’ve joined. The person asked if anyone knew what kind of request this is. The person…
Recently, I encountered an incident where several hosts had been infected by < █████████ >. So, to investigate this incident, we received a bunch of logs to be analyzed; mostly Linux-related logs.…
Recently I’ve read about this data leak; COMB: largest breach of all time leaked online with 3.2 billion records. According to the article, it was known as “Compilation of Many…
Recently, we had an incident where suspicious traffic was observed related to external C2. Initial findings showed that this IP 172.241.27.17 (172.241.24.0/21) resolved to atakaitechnologieshost; according to pDNS in VirusTotal…
Recently I’ve encountered a list of IPs that are related to CoinHive. So I want to check for domains that are tied to these IPs. We can do that by using dig…
As you read in the title above; to update your Python packages via pip. for Linux/*nix: p/s: you may need to run as sudo. Probably. for Windows: Credit: http://stackoverflow.com/questions/2720014/upgrading-all-packages-with-pip
There was one time I encountered this error when executing a bash code/script: install.sh: Syntax error: "(" unexpected The script does not begin with a shebang line, so the kernel executes…
There was one time I saw this kind of error: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL…
configure.ac:15: error: possibly undefined macro: AM_INIT_AUTOMAKE If this token and others are legitimate, please use m4_pattern_allow See the Autoconf documentation You can use this solution to solve it. – sudo…