How to create a single-node Graylog instance and analyze FortiGate logs

April 13, 2023
Sean Whalen

Firewall logs provide a wealth of information about a network. They can be used to identify devices, troubleshoot policies, and…

Business Email Compromise prevention and response

Business Email Compromise (BEC) attacks are easy, cheap, and often very effective. This high Return on Investment makes BEC an…

June 19, 2022

SEIMs and Other Forensic Tools Vulnerable to Log4j Exploits

This article was last updated on 2022-01-03. After several Log4j vulnerabilities (known as Log4shell or LogJam in the tech press)…

December 23, 2021

How to update the firmware on a Samsung monitor

This guide explains the exact steps for updating the firmware on Samsung monitor, and will hopefully save you a lot…

November 25, 2021

How to Install Volatility 2 and Volatility 3 on Debian, Ubuntu, or Kali Linux

Volatility is a powerful memory forensics tool. This guide will show you how to install Volatility 2 and Volatility 3…

October 6, 2021

How to use Farsight Security’s DNSDB to harness the power of passive DNS

DNS describes the structure of resources on the internet. It can provide lots of valuable information about (attacker or target)…

May 22, 2021

An introduction to DNS

The Domain Name System (DNS) is best known as the way domain names are converted into IP addresses that clients…

May 15, 2021

How to examine a credential harvesting page using Microsoft Edge

Recently I analyzed a credential harvesting page with some interesting characteristics that made a great teaching moment. In this post,…

May 10, 2021

How to configure a nginx reverse proxy with Let’s Encrypt certificates

Let's Encrypt allows nginx reverse proxy servers to have a real, trusted SSL certificate, even for internal sites.

February 26, 2021

How the Parler data was legally acquired by activists

The Parler data dumps you've heard were obtained legally. Here's how they did it.

January 13, 2021