Threat Research Blog Archives - illusive

Azure PIM Default Configuration Creates “Shadow Admin” Risks

Posted on June 28, 2022August 31, 2022 by clinton karr

Hybrid Identities: The On-Prem to Cloud Connection

Posted on March 21, 2022June 1, 2022 by clinton karr

Preventing BlackMatter Ransomware from Encryption of Available Remote Share

Posted on January 7, 2022October 4, 2022 by clinton karr

MailSniper – You Can Teach an Old Dog New Tricks: Pwn O365-based Organizations by Leveraging PRT-based SSO

Posted on December 1, 2020May 10, 2021 by admin

When Everyone’s Dog Is Named Fluffy

Posted on January 22, 2019May 10, 2021 by admin

Externalizing deception: The creation and use of deceptive Open Source Intelligence

Posted on August 13, 2018May 10, 2021 by admin

Deconstructing a Modern Bank Heist: the [not] Carbanak source code leak

Posted on August 3, 2018May 10, 2021 by admin

Why and How to Extract Network Connection Timestamps for DFIR Investigations

Posted on March 14, 2018May 10, 2021 by admin

Improving Cyber Investigation Outcomes through Better Visualization of Historic Process Execution Events

Posted on January 30, 2018May 10, 2021 by admin

Windows Console Command History: Valuable Evidence for Live Response Investigation

Posted on January 11, 2018May 10, 2021 by admin