Home » Posts tagged incident_response

Agentic AI challenges in IDE: Forensic and extraction of traces PART 3

- Posted in Incident Response by
Agentic AI challenges in IDE: Forensic and extraction of traces PART 3
Background: In our latest research related to forensic traces left by IDEs, let's look into the Cursor AI IDE. Traces: As in our previous research, we saw that some of its components rely on VS Code. [...] Read more

Agentic AI challenges in IDE: Forensic and extraction of traces PART 2

- Posted in Incident Response by
Agentic AI challenges in IDE: Forensic and extraction of traces PART 2
Background: As we continue our research around agentic IDEs which can leave traces, because at some IR stages you need to deal with such things—especially when an engineer's machine was involved in [...] Read more

Agentic AI challenges in IDE: Forensic and extraction of traces PART 1

- Posted in Incident Response by
Agentic AI challenges in IDE: Forensic and extraction of traces PART 1
Background: With the rise of AI companions and agentic features in popular IDEs, these tools can now execute commands with user consent. This presents new challenges for digital forensic specialists, [...] Read more

AI-Powered Polymorphic Phishing Pages: Detection Methods and Defensive Strategies

- Posted in Threat Analyze by
AI-Powered Polymorphic Phishing Pages: Detection Methods and Defensive Strategies
Background: As AI technologies rapidly advance, it is essential for us as cybersecurity specialists to understand how we can defend against emerging threats. One scenario that comes to mind is the [...] Read more

Hunting for Threats in the Dark: Leverage AI Technology to Support Your Investigation

- Posted in Incident Response by
Hunting for Threats in the Dark: Leverage AI Technology to Support Your Investigation
Background: Threat actors have been leveraging AI in their attacks for some time now. Through searching for answers on how we as IR specialists can stand against this threat, I have come to a simple [...] Read more

Crafting and Case Study of Cost-Effective Universal Hardware Toolkits for specific IR cases

- Posted in Incident Response by
Crafting and Case Study of Cost-Effective Universal Hardware Toolkits for specific IR cases
Background: In the incident response discipline, it is often necessary to carry hardware in our bags that can make daily tasks more manageable. In our previous articles, we discussed how to leverage [...] Read more

Defensive Edge: Adapting Red Team Hardware for IR

- Posted in Incident Response by
Defensive Edge: Adapting Red Team Hardware for IR
Background: Red team specialists often use specialized hardware during operations. However, don't worry—this hardware isn't exclusive to red teams. Incident responders also can use some of hardware [...] Read more

Investigating Malicious Activity in WSL Environments

- Posted in Threat Analyze by
Investigating Malicious Activity in WSL Environments
Background: Some XDR and EDR solutions are not effective when dealing with threats hidden inside WSL. In certain cases, it can also be challenging for digital forensic specialists to detect threats [...] Read more

Essential Data Acquisition and Digital Forensics for Incident Responders

- Posted in Incident Response by
Essential Data Acquisition and Digital Forensics for Incident Responders
Background: In a previous article, we discussed the method for creating a USB flash drive to acquire forensic images. In this article, I'll explain how to leverage the previously created tool during [...] Read more

Communicating Incident Response: A Reporting Framework for the C-Suite

- Posted in Incident Response by
Communicating Incident Response: A Reporting Framework for the C-Suite
Background: Incident response is divided into two parts: hands-on activities and management activities. We have discussed hands-on activities extensively. However, if we want to present the activity [...] Read more
Page 1 of 3