Windows 7 and Server 2008 (R2): The End of Times

January 15, 2020 is going to be an important day in the tech industry. Not because of some new product or the coming singularity, but because of the end of life for Windows 7 and all Server 2008 and 2008 R2 derivatives.

Windows 7 and derivatives will have received just over a decade of support by end of life and were essential for ending the era of Windows XP.…

Security Automation and the Coming Singularity

Automation has encroached on almost every sector of the economy, indiscriminately rearranging jobs and careers in its wake. It has been strangely absent from the news in the field of cybersecurity and technology. The irony is that cybersecurity and other technical fields have probably had the most time and effort spent on automation of any sector; the developments just have not seemed as disruptive as they could.…

Fileless Malware 101: The Advent of New Generation Malware

I previously wrote about another technique malware and ransomware authors were using to obfuscate their infections. Fileless malware is the natural evolution of this and is far scarier for file-based antivirus solutions. These infections have been making the news with Sodinokibi (or REvil) and others.

These malware attacks are coming from more recent exploits which allow them to run what they want in memory without having to touch the disk at all (for the infection itself), as long as PowerShell works on the machine.…

How to Survive a Ransomware Attack

With the sheer volume of ransomware attacks in the past couple of weeks, I decided to write an article about what works and what doesn’t. I’m writing about ransomware attacks, but this advice ultimately applies to most types of compromises, viruses, or malware attacks. These steps are going to be more generic because there is no “one size fits all” approach to resolving infection or compromise.…

Best Scripting Languages for Windows Automation

Windows has multiple options for scripting languages, but some are better suited than others for widespread administration. This article looks to cover the most accessible options as well as their specific use cases and any caveats. I am focusing on what can be used in order to administer Windows machines, ideally remotely via an RMM tool or other remote access. This article will cover what languages are most widely available as well as the pros and cons of each.…