Tyler
@secshoggoth.bsky.social
Incident Response, Forensics, Malware Analysis, Reverse Engineering, Cyber Security, RPG, Geek, Nerd, #DFIR
Opinions are my own and not those of my employer.
Opinions are my own and not those of my employer.
Did you know there are 𝐭𝐰𝐨 𝐯𝐞𝐫𝐬𝐢𝐨𝐧𝐬 𝐨𝐟 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐐𝐮𝐢𝐜𝐤 𝐀𝐬𝐬𝐢𝐬𝐭, one of which doesn't log anything?
On 𝗔𝘂𝗴 𝟭𝟯 𝗮𝘁 𝟭𝟮 𝗣𝗠 𝗘𝗦𝗧, I am presenting on MSQA, how we're seeing it used in attacks. More importantly, how to perform investigations into MSQA.
𝐅𝐫𝐞𝐞 𝐭𝐨 𝐚𝐭𝐭𝐞𝐧𝐝 - register here:
ow.ly/TvlR50WxW5A
On 𝗔𝘂𝗴 𝟭𝟯 𝗮𝘁 𝟭𝟮 𝗣𝗠 𝗘𝗦𝗧, I am presenting on MSQA, how we're seeing it used in attacks. More importantly, how to perform investigations into MSQA.
𝐅𝐫𝐞𝐞 𝐭𝐨 𝐚𝐭𝐭𝐞𝐧𝐝 - register here:
ow.ly/TvlR50WxW5A
Microsoft Quick Assist is Under Attack: What You Need to Know
Microsoft Quick Assist is a great tool for streamlining IT support. Unfortunately, it’s also becoming a popular target for hackers trying to break into you...
ow.ly
August 8, 2025 at 1:36 PM
Did you know there are 𝐭𝐰𝐨 𝐯𝐞𝐫𝐬𝐢𝐨𝐧𝐬 𝐨𝐟 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐐𝐮𝐢𝐜𝐤 𝐀𝐬𝐬𝐢𝐬𝐭, one of which doesn't log anything?
On 𝗔𝘂𝗴 𝟭𝟯 𝗮𝘁 𝟭𝟮 𝗣𝗠 𝗘𝗦𝗧, I am presenting on MSQA, how we're seeing it used in attacks. More importantly, how to perform investigations into MSQA.
𝐅𝐫𝐞𝐞 𝐭𝐨 𝐚𝐭𝐭𝐞𝐧𝐝 - register here:
ow.ly/TvlR50WxW5A
On 𝗔𝘂𝗴 𝟭𝟯 𝗮𝘁 𝟭𝟮 𝗣𝗠 𝗘𝗦𝗧, I am presenting on MSQA, how we're seeing it used in attacks. More importantly, how to perform investigations into MSQA.
𝐅𝐫𝐞𝐞 𝐭𝐨 𝐚𝐭𝐭𝐞𝐧𝐝 - register here:
ow.ly/TvlR50WxW5A
A friend of mine - @openheartgames.bsky.social - is running a D&D game all day for Extra Life. Drop by their stream and donate to a good cause!
www.extra-life.org/index.cfm?fu...
#dnd #rpg #charity #extralife
www.extra-life.org/index.cfm?fu...
#dnd #rpg #charity #extralife
Extra Life | Change Kids' Health, Change the Future
I'm raising funds with #EXTRALIFE for kids treated at my Children's Miracle Network Hospitals! I need your help to reach my fundraising goal. Please donate today to change kids' health.
www.extra-life.org
April 26, 2025 at 4:40 PM
A friend of mine - @openheartgames.bsky.social - is running a D&D game all day for Extra Life. Drop by their stream and donate to a good cause!
www.extra-life.org/index.cfm?fu...
#dnd #rpg #charity #extralife
www.extra-life.org/index.cfm?fu...
#dnd #rpg #charity #extralife
This past weekend I had the opportunity and speak at B-Sides Rochester (NY).
My talk was on forensically analyzing Microsoft Quick Assist and the issues associated with attempting to do so. If anyone is interested:
- Slides: github.com/secshoggoth/...
- Video: www.youtube.com/watch?v=l9Kq...
My talk was on forensically analyzing Microsoft Quick Assist and the issues associated with attempting to do so. If anyone is interested:
- Slides: github.com/secshoggoth/...
- Video: www.youtube.com/watch?v=l9Kq...
BSidesROC 2025 - Microsoft Quick Assist - Tyler Hudak
YouTube video by BSidesROC
www.youtube.com
March 26, 2025 at 12:39 PM
This past weekend I had the opportunity and speak at B-Sides Rochester (NY).
My talk was on forensically analyzing Microsoft Quick Assist and the issues associated with attempting to do so. If anyone is interested:
- Slides: github.com/secshoggoth/...
- Video: www.youtube.com/watch?v=l9Kq...
My talk was on forensically analyzing Microsoft Quick Assist and the issues associated with attempting to do so. If anyone is interested:
- Slides: github.com/secshoggoth/...
- Video: www.youtube.com/watch?v=l9Kq...
I've had to analyze several MS Quick Assist compromises and found challenges during each one. Threat Hunting for malicious activity thru QA is not easy either.
So I wrote a blog post on what to look for: inversion6.com/resources/bl...
#dfir #forensics #incidentresponse #threathunting
So I wrote a blog post on what to look for: inversion6.com/resources/bl...
#dfir #forensics #incidentresponse #threathunting
Microsoft Quick Assist Remote Monitoring
Learn how attackers exploit Microsoft Quick Assist, a default Windows tool, in scams and social engineering attacks. Discover detection tips, analysis methods, and strategies to protect your business ...
inversion6.com
January 29, 2025 at 1:51 PM
I've had to analyze several MS Quick Assist compromises and found challenges during each one. Threat Hunting for malicious activity thru QA is not easy either.
So I wrote a blog post on what to look for: inversion6.com/resources/bl...
#dfir #forensics #incidentresponse #threathunting
So I wrote a blog post on what to look for: inversion6.com/resources/bl...
#dfir #forensics #incidentresponse #threathunting
Today marks the official launch of the Inversion6 Incident Response (IR) team, and I couldn't be more excited! Ready to tackle challenges, protect, and respond like never before. Let’s go!
#IncidentResponse #CyberSecurity #DFIR
inversion6.com/resources/ne...
#IncidentResponse #CyberSecurity #DFIR
inversion6.com/resources/ne...
Inversion6 Launches Comprehensive Incident Response Service
Global cybersecurity firm launches expanded service to help companies respond and recover from cyber threats.
inversion6.com
January 21, 2025 at 2:48 PM
Today marks the official launch of the Inversion6 Incident Response (IR) team, and I couldn't be more excited! Ready to tackle challenges, protect, and respond like never before. Let’s go!
#IncidentResponse #CyberSecurity #DFIR
inversion6.com/resources/ne...
#IncidentResponse #CyberSecurity #DFIR
inversion6.com/resources/ne...
I do not envy those coming into Information Security now.
When I started, there were no formal programs, no degrees, and little training. It was the wild west and we were making a lot of it up as we went. In a way, it was easier. (1/2)
When I started, there were no formal programs, no degrees, and little training. It was the wild west and we were making a lot of it up as we went. In a way, it was easier. (1/2)
January 10, 2025 at 2:49 PM
I do not envy those coming into Information Security now.
When I started, there were no formal programs, no degrees, and little training. It was the wild west and we were making a lot of it up as we went. In a way, it was easier. (1/2)
When I started, there were no formal programs, no degrees, and little training. It was the wild west and we were making a lot of it up as we went. In a way, it was easier. (1/2)
What is everyone's favorite place for a starting sysmon config template?
December 10, 2024 at 6:08 PM
What is everyone's favorite place for a starting sysmon config template?
Reposted by Tyler
@volexity.com’s latest blog post describes in detail how a Russian APT used a new attack technique, the “Nearest Neighbor Attack”, to leverage Wi-Fi networks in close proximity to the intended target while the attacker was halfway around the world.
Read more here: www.volexity.com/blog/2024/11...
Read more here: www.volexity.com/blog/2024/11...
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever w...
www.volexity.com
November 22, 2024 at 2:58 PM
@volexity.com’s latest blog post describes in detail how a Russian APT used a new attack technique, the “Nearest Neighbor Attack”, to leverage Wi-Fi networks in close proximity to the intended target while the attacker was halfway around the world.
Read more here: www.volexity.com/blog/2024/11...
Read more here: www.volexity.com/blog/2024/11...
Yesterday I received a call from a friend who was a victim of sextortion. This is all too common but fortunately there are things you can do if you fall victim to this.
Remember 𝘆𝗼𝘂 𝗮𝗿𝗲 𝗻𝗼𝘁 𝗮𝘁 𝗳𝗮𝘂𝗹𝘁. The person doing this is truly one of the worst types of criminals. You are a victim.
🧵
Remember 𝘆𝗼𝘂 𝗮𝗿𝗲 𝗻𝗼𝘁 𝗮𝘁 𝗳𝗮𝘂𝗹𝘁. The person doing this is truly one of the worst types of criminals. You are a victim.
🧵
November 13, 2024 at 3:10 PM
Yesterday I received a call from a friend who was a victim of sextortion. This is all too common but fortunately there are things you can do if you fall victim to this.
Remember 𝘆𝗼𝘂 𝗮𝗿𝗲 𝗻𝗼𝘁 𝗮𝘁 𝗳𝗮𝘂𝗹𝘁. The person doing this is truly one of the worst types of criminals. You are a victim.
🧵
Remember 𝘆𝗼𝘂 𝗮𝗿𝗲 𝗻𝗼𝘁 𝗮𝘁 𝗳𝗮𝘂𝗹𝘁. The person doing this is truly one of the worst types of criminals. You are a victim.
🧵
What's one more social media site to check out?
November 13, 2024 at 1:49 PM
What's one more social media site to check out?