Windows Registry & Osquery: The Easy Way to Ensure Users are Secured

Windows Registry & Osquery: The Easy Way to Ensure Users are Secured

The Windows registry is full of information, and with the proper tools, can be a gold mine for attackers and defenders alike. Attackers look to find specific configurations, credentials, or any information that can help them further attack systems, while defenders can use the registry to ensure that settings are ... Read More

One Year Later: Ensuring Windows is Protected from Meltdown+Spectre

2018: The year of speculative execution bugs A year ago, in January 2018, three hardware vulnerabilities known as Meltdown, Spectre Variant 1, and Spectre Variant 2 were disclosed to the public. Although disclosure was supposed to occur on January 9, news outlets found updates in the Linux Kernel and broke ... Read More

Hunting for Evil Launch Daemons – Identifying Suspicious Behavior with Osquery

| | macos, open source, osquery
Last week, Malwarebytes posted an article highlighting new malware discovered by John Lambert (Microsoft), Patrick Wardle (Objective-See and Digita Security) and Adam Thomas (Malwarebytes), and sure enough, persistence using launchd is still a common thing ... Read More
SSD study results via Radboud University

Vulnerabilities in SSD Encryption: Using osquery to Identify Vulnerable Windows Machines

| | Insider, osquery
Dark Reading and Forbes, among various other sources, have recently reported that Windows computers using the hardware encryption feature of many different types of solid-state drives (SSDs) are vulnerable to attacks that defeat it completely. These vulnerabilities, discovered by Radboud University researchers Carlo Meijer and Bernard van Gastel, affect multiple ... Read More