Drawing on insights from 582 full-spectrum DFIR investigations, Mjolnir Security reveals the uncharted forensic landscape of Windows 11. This intelligence briefing moves beyond legacy artifacts to expose the critical evidence sources modern adversaries leverage, including the Windows Subsystem for Android (WSA), covert channels in Microsoft Teams, and the persistent ledger [...]
Drawing on insights from 582 full-spectrum DFIR investigations, Mjolnir Security reveals the uncharted forensic landscape of Windows 11. This intelligence briefing moves beyond legacy artifacts to expose the critical evidence sources modern adversaries leverage, including the Windows Subsystem for Android (WSA), covert channels in Microsoft Teams, and the persistent ledger ...
A deep-dive anthropological analysis of Salt Typhoon, the premier Chinese state-sponsored cyber espionage group targeting global telecommunications and government sectors. This report deconstructs their identity, patient “Living off the Land” tactics, and advanced malware like the Demodex rootkit. Learn how Mjolnir Security’s proactive services, from Threat Hunting to Digital Forensics, ...
A deep-dive analysis reveals that Iranian state-sponsored cyber threats to U.S. and Canadian critical infrastructure are not random, but a core component of a sophisticated geopolitical strategy. Rooted in a doctrine of asymmetric retaliation born from the Stuxnet attack, groups like Charming Kitten, APT33, and APT34 operate as instruments of ...
Introduction In an increasingly interconnected digital world, Advanced Persistent Threat (APT) groups pose a sophisticated and relentless challenge to organizations globally. These highly skilled adversaries execute sustained, covert cyberattacks with long-term objectives such as espionage, intellectual property theft, or critical infrastructure disruption. Traditional security measures often fall short against their ...
Executive Threat Summary 1.1. Overview of the Symbiotic Threat The modern cyber threat landscape is increasingly characterized by specialization and collaboration, a trend exemplified by the potent, symbiotic relationship between the Scattered Spider initial access broker and the Dragon Force Ransomware-as-a-Service (RaaS) operation. These are not two disparate threats but ...
The dawn of 2025 brings with it a cyber battlefield characterized by an accelerating pace of innovation – not just from defenders, but critically, from those who seek to exploit vulnerabilities. Cybercrime has evolved into a highly efficient, business-like endeavor, with adversaries operating with unprecedented speed, sophistication, and scale. Organizations ...
RansomHouse is changing the game in cyber extortion—no encryption, just stolen data and high-stakes blackmail. Discover how this group operates, their tactics, and how your organization can defend against data-leak threats in this deep dive from Mjolnir Security.
In the ever-evolving landscape of cybersecurity, attackers are increasingly adopting a “less is more” approach. Instead of deploying sophisticated, custom-built malware, they are turning to the very tools that keep your systems running. A recent analysis has shed light on this alarming trend, and the findings are a wake-up call ...
Introduction The hum of machinery, the flow of resources, the critical functions that underpin our daily lives – all increasingly orchestrated by Operational Technology (OT). But this interconnectedness, while driving efficiency, has opened a new frontier for cyber adversaries. OT environments, once considered isolated, are now prime targets. This isn’t ...
Drawing on insights from 582 full-spectrum DFIR investigations, Mjolnir Security reveals the uncharted forensic landscape of Windows 11. This intelligence briefing moves beyond legacy artifacts to expose the critical evidence sources modern adversaries leverage, including the Windows Subsystem for Android (WSA), covert channels in Microsoft Teams, and the persistent ledger [...]
