Recon InfoSec (4)

An Encounter with Ransomeware-as-a-Service: MEGAsync Analysis

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

Recon's SOC recently responded to an attempted ransomware and extortion attack. It had all the...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

The Recon incident response team recently responded to a case of business email compromise. The...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

Whether your cybersecurity detection and response capabilities are in-house or managed through a...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Kelley Wilds

We can't start a recap post without a huge THANK YOU to the community for joining us last week and...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

Now that we've normalized and enriched our events, let's get into the actual threat detection logic...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

In my previous post, I explained the fundamental purpose and use cases of pipelines in Graylog –...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

If you are here hoping to learn more about using Graylog for the purpose of monitoring the security...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Bob Drobish

At Recon InfoSec we have the honor of working with some of the best security operations, incident...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Brian Greunke

Much has already been said about the recently reported SolarWinds compromise. In this post, we are...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Samuel Kimmons

Whether you're on the Defensive or Offensive side of security, it's important to understand how...