Google Drawings GIF phishing

So I was aiming for bed when I received an email, allegedly from Amazon, with regard to my supposed Amazon Prime billing information. The email says “Prime Account” but came from: Yeah sure! I could have stopped there but was just curious to see a bit more and ended up doing a complete […]

Which detection rules for my SOC?

Throughout my (young) career, I’ve seen many different SOC projects and I thought I should share what approaches have more chance of success. So here are some approaches that might apply well in your environment… or not.

- The “collect everything” approach
- The Business case approach
- The MITRE ATT&CK coverage approach
- The Intelligence-driven approach

I also […]