Detecting ManualFinder/PDF Editor Malware Campaign with KQL
The ManualFinder and PDF Editor malware campaign represents a chain attack that turns legitimate-looking applications (well, I guess..)...

Damien van der Linden
2 days ago · 7 min read


Detecting Executive Impersonation Campaigns with KQL
These e-mails pretend to be from your CEO, have your first name as the subject, and contain absolutely no links, no files, just text.

Damien van der Linden
Jul 15 · 4 min read


FileFix – Another Deceptive Attack Vector (Demo and Detections)
ClickFix was bad enough, it became the second most common attack vector right after phishing. ClickFix tricked users with a deceptive...

Damien van der Linden
Jul 11 · 3 min read


From Car Rental to Infostealer: A SOCGholish Attack Analysis
Sometimes the most interesting security discoveries start with the most mundane activities.

Damien van der Linden
Jan 29 · 5 min read


Unmasking Phishing Hidden in Google Links With KQL
KQL your way into Google's Open Redirect 'feature' that's being abused for phishing.

Damien van der Linden
Dec 5, 2024 · 4 min read


Detecting B64 encoded UPNs in Clicked URLs with KQL
The first KQL query I share on here! Let's have a look at B64 encoded UPNs!

Damien van der Linden
Oct 14, 2024 · 2 min read


whoami
new blog who dis?

Damien van der Linden
Oct 14, 2024 · 2 min read