aseps Archives

Kansa: Powershell profiles potentially hazardous

davehull | May 18, 2014 | aseps, Kansa, powershell, powershell profiles

On the very day I published my previous post, Kansa: Collecting WMI Event Consumer backdoors, Mark Russinovich announced the release of a new version of Autoruns that collects WMI related ASEPs. I ...

trustedsignal -- blog

Kansa: Collecting WMI Event Consumer backdoors

davehull | May 13, 2014 | aseps, backdoor, Kansa, WMI Event Consumer

In my previous post, Kansa: Service related collectors and analysis, I discussed the Windows Service related collectors and analysis capabilities in Kansa and noted that some of the collected data is not ...

trustedsignal -- blog

Kansa: Service related collectors and analysis

davehull | May 3, 2014 | aseps, autoruns, DFIR, Failures, frequency analysis, Kansa, services, stack ranking, stacking, triggers

In my previous post on Kansa's Autoruns collectors and analysis scripts, I mentioned that the Get-Aurounsc.ps1 collector relies on Sysinternals' Autorunsc.exe to collect data on all of the Autostart Extension Points (ASEPs) that ...

trustedsignal -- blog

Kansa: Autoruns data and analysis

davehull | April 29, 2014 | aseps, autoruns, DFIR, Kansa

I want your input.With the "Trailer Park" release of Kansa marking a milestone for the core framework, I'm turning my focus to analysis scripts for data collected by the current set of modules. As of ...

trustedsignal -- blog

aseps

Kansa: Powershell profiles potentially hazardous

Kansa: Collecting WMI Event Consumer backdoors

Kansa: Service related collectors and analysis

Kansa: Autoruns data and analysis

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On