Case Study: Detecting Gootloader's Concatenated ZIP Evasion
9 of 9 Gootloader samples detected at CRITICAL (96/100) via ZIP structural anomaly analysis, resilient to hashbusting.
Cybersecurity insights, threat intelligence, and security research
Over 70% of iOS log entries carry a TTL of 0, meaning they can disappear within days of being written. Not weeks. Days.
Adversary-in-the-middle phishing packaged as a service. Proxies real login pages in real time.
EXIF data used to be a reliable witness. That era is over. Here's how to adapt your forensic workflow.