Tech Help

Introduction I found that with the 1001 options for "SOC As A Service" companies, and "contract incident response", many client companies still don't understand why use them outside of a compliance check. Some companies seem to have them on retainer but refuse them any ability to act, just to notify and it may or may not be dealt with ever. It's really weird when companies want to secure their data and do secure business using that data, but not actually do the work around securing their data. I think it's the age old adage with IT that "passing the buck" is the default, then only with training and awareness do people want to take responsibility for their own security.  Then on the other side, these soc as a service companies themselves don't always provide training, understanding, or really anything more than a templated write up of the incident back to the company. That write up may contain details and even actions around what needs to ha...

     So, I made a yara rule a while back based on some suspicious phishing nonsense I found in some open (unauthenticated + file directory listing enabled) cloud storage buckets. I decided only recently to see if I could do some public hunting with these. One possibility was on hybrid analysis. After just a few days, I have 9 detections already found.       The YARA rule is hosted on my github ( https://raw.githubusercontent.com/ferasdour/SpecialYaraRules/refs/heads/main/Bucket%20Phishing%20Kits.yar ) but basically it's like this (notations added for this post): rule phishingKits3 {     meta :       description = "PhishingKits3: This was found in multiple phishing kits hosted on open/unauthenticated S3 buckets."       author = "ferasdour"     strings :       $s1 = "https://ajax.googleapis.com/ajax/libs/jquery/" ascii // adds jquery       $s2 = "https://code.jquery...

I hope this helps someone but to setup a network printer on Windows 10, it's usually pretty straight forward.  Well, you're gonna need your computer and your printer on the same network. Most printers come with quick start setup for doing this part, they may even suggest their apps or something to do so. But most of the time it's settings -> network -> wifi and setup the wifi connection from there, or settings -> network -> status/ethernet if you're using wired connections. Get to "Printers & Scanners" under the devices section of settings. I usually just press windows key to pull open the start menu, then type in printers to get here. To make this easy, we just push that + button next to add printer or scanner. This should search the network for your printer. (There is several protocols for this, and you can find technical details on some stuff like this stack overflow link   Click on your printer, if it is found correctly, and it should autom...

Dusting, and other things you haven't been doing. Just some quick little dos and don't for dusting a computer, from my experience. Dos Set aside time to clear out your computer of dust, bugs, and other things regularly. In a normal home or small business, this may be once a month or every other month and that's okay. For high dust environments, clean it more often. Be cautious of spinning fans. Even with a little spray keyboard duster, if you let it spin your fans, it may be strong enough to bend the blades or otherwise put additional wear on the fan physically. If you let it free spin, on occasion you may damage the bearings or the plastic connections to the motors and the fan won't connect properly. This causes the fan to be unusable and usually becomes a matter of replacing the fan. This includes processor fans, case fans, powers supply fans, etc... DO NOT SPIN THEM BECAUSE ITS FUN. I know it is, but refrain. Use between 40-50 psi from air compressors. Most controlle...