Apr 28 · 39 min read · In late 2025 we investigated a ransomware engagement against a financial-logistics company in East Africa, here pseudonymised as NEXUS FREIGHT LTD. The investigation began as a routine "confirm the fa
Mar 25 · 2 min read · At a glance: DFIR has strong vendor investment — CrowdStrike, Google, TheHive (StrangeBee), and REMnux all ship official MCP servers. Security-Detections-MCP (334 stars) is the standout with autonomous detection engineering. Community fills gaps for ...
Jan 26 · 6 min read · Link to Challenge: https://kc7cyber.com/challenges/279 my thoughts This was a relatively easy medium-level challenge. I spent much of the time trying to clean up my query results, by adding extra commands and joining tables together. In some cases, I...
Jan 12 · 4 min read · When I first started learning cybersecurity, I thought I already knew the kind of person I wanted to become. Like many beginners, I was drawn to the red team side of things, exploitation, breaking into systems, finding vulnerabilities. It looked exci...
Jan 12 · 9 min read · Welcome to the fourth episode of my malware analysis series — this is a slightly different version where I am tackling a challenge from Malops in preparation for the PJMR. I may take another look at this sample and create an actual report following t...
Jan 7 · 11 min read · Sherlock Scenario: Wika is a highly motivated pre-sales engineer dedicated to achieving his professional goals. To ensure his success, he carefully selected the best tools and applications to streamline his workflow. However, an unknown adversary was...