https://socdfir.com/2026/04/01/the-ticket-that-let-them-in-how-support-workflows-quietly-extend-breach-dwell-time/2026-04-01T20:05:52+00:00monthlyhttps://socdfir.com/2026/04/01/they-didnt-break-in-they-logged-in-the-real-problem-with-modern-ransomware/2026-04-01T15:57:17+00:00monthlyhttps://socdfir.com/2026/03/30/cyber-pulse-technical-threat-deep-dives-on-active-cves-canva-affinity-emf-type-confusion-leading-to-rce/2026-03-30T12:50:28+00:00monthlyhttps://socdfir.com/2026/03/17/cyber-pulse-technical-threat-deep-dives-on-active-cves-eu-sanctions-expose-state-linked-cyber-operations-at-scale/2026-03-17T23:06:49+00:00monthlyhttps://socdfir.com/2026/03/10/cyber-pulse-technical-threat-deep-dives-on-active-cves-aruba-aos-cx-authentication-bypass-enables-admin-password-reset/2026-03-10T19:39:44+00:00monthlyhttps://socdfir.com/2026/02/27/cyber-pulse-technical-threat-deep-dives-on-active-cves-cisco-catalyst-sd-wan-authentication-bypass/2026-02-28T01:14:44+00:00monthlyhttps://socdfir.com/2026/02/19/cyber-pulse-technical-threat-deep-dives-on-active-cves-honeywell-cctv-account-takeover-via-missing-authentication-cve-2026-1670/2026-02-19T16:50:44+00:00monthlyhttps://socdfir.com/2026/02/03/cyber-pulse-technical-threat-deep-dives-on-active-cves-metro4shell-rce-in-react-native-cli/2026-02-03T17:18:07+00:00monthlyhttps://socdfir.com/2026/01/29/cyber-pulse-technical-threat-deep-dives-on-active-cves-critical-path-traversal-in-synology-router-manager/2026-01-29T17:04:22+00:00monthlyhttps://socdfir.com/2026/01/14/cyber-pulse-technical-threat-deep-dives-on-active-cves-redvds-and-the-industrialization-of-bec-infrastructure/2026-01-14T21:50:26+00:00monthlyhttps://socdfir.com/2026/01/13/cyber-pulse-technical-threat-deep-dives-on-active-cves-january-2026-patch-tuesday-breakdown/2026-01-13T21:21:52+00:00monthlyhttps://socdfir.com/2026/01/05/cyber-pulse-technical-threat-deep-dives-on-active-cves-mongobleed-and-the-risk-of-silent-memory-theft/2026-01-05T20:12:04+00:00monthlyhttps://socdfir.com/2025/12/19/cyber-pulse-technical-threat-deep-dives-on-active-cves-cisco-asyncos-zero-day-actively-exploited-by-china-nexus-apt/2025-12-19T16:49:07+00:00monthlyhttps://socdfir.com/2025/12/19/cyber-pulse-technical-threat-deep-dives-on-active-cves-russian-and-north-korean-threats-targeting-aws-infrastructure/2025-12-19T16:30:41+00:00monthlyhttps://socdfir.com/2025/12/14/cyber-pulse-technical-threat-deep-dives-on-active-cves-byovd-attack-exploits-cve-2024-51324-to-disable-edr-and-drop-deadlock-ransomware/2025-12-15T02:37:14+00:00monthlyhttps://socdfir.com/2025/12/11/cyber-pulse-technical-threat-deep-dives-on-active-cves-gogs-symlink-bypass-enables-remote-code-execution-cve-2025-8110/2025-12-11T19:25:55+00:00monthlyhttps://socdfir.com/2025/12/04/cyber-pulse-technical-threat-deep-dives-on-active-cves-react2shell-cve-2025-55182-and-the-rsc-rce-shockwave/2025-12-04T17:59:22+00:00monthlyhttps://socdfir.com/2025/12/02/cyber-pulse-technical-threat-deep-dives-on-active-cves-codex-cli-and-cve-2025-61260/2025-12-02T17:33:09+00:00monthlyhttps://socdfir.com/2025/11/12/cyber-pulse-technical-threat-deep-dives-on-active-cves/2025-11-21T18:11:32+00:00monthlyhttps://socdfir.com/2025/11/17/%f0%9f%a7%a8-massive-aisuru-ddos-hits-microsoft-azure-15-72-tbps/2025-11-21T18:10:22+00:00monthlyhttps://socdfir.com/2025/11/21/cyber-pulse-technical-threat-deep-dives-on-active-cves-2/2025-11-21T18:09:17+00:00monthlyhttps://socdfir.com/2025/11/18/%f0%9f%a7%a8-when-the-backbone-buckles-cloudflares-outage-meets-aisurus-mega-ddos/2025-11-18T22:00:24+00:00monthlyhttps://socdfir.com/2025/11/08/cyber-pulse-cves-diagnosed-by-a-paramedic-turned-analyst-microsoft-teams-chat-with-anyone-feature-hidden-attack-surface/2025-11-08T16:18:06+00:00monthlyhttps://socdfir.com/2025/11/07/cyber-pulse-cves-diagnosed-by-a-paramedic-turned-analyst-chatgpt-under-siege-via-memory-injection-0-click-attacks/2025-11-07T17:33:03+00:00monthlyhttps://socdfir.com/2025/11/04/cyber-pulse-cves-diagnosed-by-a-paramedic-turned-analyst-curly-comrades-abuse-hyper-v-to-evade-detection-via-hidden-linux-vms/2025-11-04T16:23:24+00:00monthlyhttps://socdfir.com/2025/11/03/cyber-pulse-bsides-chicago-2025-a-celebration-of-community-chaos-and-clarity/2025-11-03T16:14:51+00:00monthlyhttps://socdfir.com/2025/10/30/cyber-pulse-cves-diagnosed-by-a-paramedic-turned-analyst-cve-2025-6205-delmia-apriso-authorization-bypass/2025-10-30T15:27:52+00:00monthlyhttps://socdfir.com/2025/10/28/the-183m-credential-leak-infostealers-password-reuse-and-the-ghost-in-your-browser/2025-10-28T15:45:53+00:00monthlyhttps://socdfir.com/2025/10/23/722/2025-10-24T15:22:00+00:00monthlyhttps://socdfir.com/2025/10/21/%f0%9f%a7%af-when-dns-broke-the-cloud-a-soc-dfir-look-at-the-october-2025-aws-outage/2025-10-21T18:05:18+00:00monthlyhttps://socdfir.com/2025/10/20/%f0%9f%9b%91-quick-update-im-still-here-just-fighting-off-a-sinus-infection/2025-10-20T13:45:42+00:00monthlyhttps://socdfir.com/2025/10/13/cyber-pulse-cves-diagnosed-by-a-paramedic-turned-analyst-oracle-ebs-under-siege-cve%e2%80%912025%e2%80%9161882-cve%e2%80%912025%e2%80%9161884/2025-10-13T15:44:14+00:00monthlyhttps://socdfir.com/2025/09/26/cyber-pulse-cves-diagnosed-by-a-paramedic-turned-analyst-silent-breaches-in-cisco-asa-ftd/2025-09-26T15:01:22+00:00monthlyhttps://socdfir.com/2025/09/23/what-ems-training-taught-me-about-how-cyber-education-should-work/2025-09-23T16:25:19+00:00monthlyhttps://socdfir.com/2025/09/22/cve-2025-9911-the-shai-hulud-supply-chain-attack-ci-cd-wormsign-beneath-the-sand/2025-09-22T15:29:06+00:00monthlyhttps://socdfir.com/2025/09/12/%f0%9f%a7%a0-exposed-cloud-buckets-when-access-denied-still-leaks-intelligence/2025-09-12T20:15:54+00:00monthlyhttps://socdfir.com/2025/09/15/regex-in-the-trenches-wrap-up-field-drills/2025-09-08T15:54:58+00:00monthlyhttps://socdfir.com/2025/09/13/regex-in-the-trenches-a-soc-analysts-guide-to-hunting-iocs-part-5-field-manual-snippets/2025-09-08T15:28:54+00:00monthlyhttps://socdfir.com/2025/09/12/regex-in-the-trenches-a-soc-analysts-guide-to-hunting-iocs-part-4-pitfalls-tuning/2025-09-08T15:26:44+00:00monthlyhttps://socdfir.com/2025/09/11/regex-in-the-trenches-a-soc-analysts-guide-to-hunting-iocs-part-3-regex-in-action/2025-09-08T15:22:36+00:00monthlyhttps://socdfir.com/2025/09/10/regex-in-the-trenches-a-soc-analysts-guide-to-hunting-iocs-part-2-practical-patterns-for-analysts/2025-09-08T15:07:03+00:00monthlyhttps://socdfir.com/2025/09/08/regex-in-the-trenches-a-soc-analysts-guide-to-hunting-iocs-part-1-core-concepts/2025-09-08T15:02:24+00:00monthlyhttps://socdfir.com/projects/2025-09-04T15:07:03+00:00weekly0.6https://socdfir.com/2025/09/09/splunk-survival-series-part-4-hunting-like-a-pro/2025-09-03T15:43:28+00:00monthlyhttps://socdfir.com/2025/09/11/splunk-survival-series-part-5-codifying-knowledge/2025-09-03T15:42:58+00:00monthlyhttps://socdfir.com/2025/09/05/splunk-survival-series-part-3-regex-and-field-extractions/2025-09-03T15:30:34+00:00monthlyhttps://socdfir.com/2025/09/03/cyber-pulse-cves-diagnosed-by-a-paramedic-turned-analyst/2025-09-03T15:16:50+00:00monthlyhttps://socdfir.com/2025/09/18/check-the-box-get-ignored-how-filtering-systems-erase-real-world-professionals/2025-08-28T17:47:59+00:00monthlyhttps://socdfir.com/2025/08/28/not-just-a-resume-cybersecurity-is-my-life/2025-08-28T15:41:29+00:00monthlyhttps://socdfir.com/2025/08/27/locked-out-of-my-own-spine-a-real-life-incident-response-case-study/2025-08-27T15:07:58+00:00monthlyhttps://socdfir.com/2025/08/23/splunk-survival-series-part-2-getting-analytical/2025-08-23T18:56:46+00:00monthlyhttps://socdfir.com/2025/08/22/when-trust-backfires-certificate-warnings-known-brands-and-the-quietest-exploit-in-the-game/2025-08-22T16:11:22+00:00monthlyhttps://socdfir.com/2025/08/19/deleted-%e2%89%a0-gone-the-forensic-reality-of-cloud-evidence/2025-08-19T15:58:23+00:00monthlyhttps://socdfir.com/2025/08/18/splunk-survival-series-part-1-taming-the-data-deluge/2025-08-18T15:33:05+00:00monthlyhttps://socdfir.com/2025/08/13/%f0%9f%8e%93-how-to-code-in-python-final-chapter-errors-files-data-structures-and-whats-next/2025-08-13T16:41:54+00:00monthlyhttps://socdfir.com/2025/08/11/need-for-a-user-mode-modular-hybrid-tool-that-acts-as-a-bridge-detection-response-context/2025-08-11T22:29:06+00:00monthlyhttps://socdfir.com/2025/08/08/when-clicks-become-clues-the-hidden-risks-of-link-redirection-in-email-ecosystems/2025-08-08T16:33:51+00:00monthlyhttps://socdfir.com/2025/08/08/%f0%9f%94%a7-how-to-code-in-python-part-6-7-functions-scope-dictionaries-and-built-in-tools/2025-08-08T15:35:13+00:00monthlyhttps://socdfir.com/2025/08/07/the-silent-breach-how-overlooked-privacy-failures-lead-to-real-world-compromise/2025-08-07T23:47:48+00:00monthlyhttps://socdfir.com/2025/08/05/the-heat-wasnt-just-outside-a-technical-breakdown-of-the-cyberattack-surge-in-summer-2025/2025-08-05T18:00:15+00:00monthlyhttps://socdfir.com/2025/08/04/how-to-code-in-python-part-5-lists-indexing-and-looping-with-power/2025-08-04T14:32:23+00:00monthlyhttps://socdfir.com/2025/08/04/from-medic-to-soc-analyst-how-clinical-thinking-and-the-evidence-pyramid-make-me-an-asset-in-cybersecurity/https://socdfir.com/wp-content/uploads/2025/07/chatgpt-image-jul-31-2025-07_11_41-pm.pngChatGPT Image Jul 31, 2025, 07_11_41 PMhttps://socdfir.com/wp-content/uploads/2025/07/chatgpt-image-jul-31-2025-06_58_06-pm.pngChatGPT Image Jul 31, 2025, 06_58_06 PM2025-08-04T14:29:09+00:00monthlyhttps://socdfir.com/2025/07/31/im-a-security-analyst-heres-why-i-treat-your-vague-signature-request-like-a-threat-actor/2025-07-31T19:48:31+00:00monthlyhttps://socdfir.com/2025/08/01/%f0%9f%90%8d-how-to-code-in-python-part-3-4-loops-and-repeating-tasks/2025-07-31T15:58:01+00:00monthlyhttps://socdfir.com/2025/07/31/%f0%9f%93%8e-file-formats-arent-safe-just-because-theyre-common-the-real-risks-of-docx-and-pdf-uploads/2025-07-31T15:05:59+00:00monthlyhttps://socdfir.com/2025/07/28/investigating-suspicious-shortened-links-a-defenders-perspective/2025-07-28T22:30:18+00:00monthlyhttps://socdfir.com/2025/07/26/%f0%9f%9b%a1%ef%b8%8f-the-importance-of-transparent-dns-handling-in-security-tools/2025-07-26T18:39:18+00:00monthlyhttps://socdfir.com/2025/07/24/how-to-accidentally-start-a-security-suite/https://socdfir.com/wp-content/uploads/2025/07/ghosthunter_alpha_wordpress.jpgGhostHunter_Alpha_wordpress2025-07-24T15:32:24+00:00monthlyhttps://socdfir.com/2025/07/24/%f0%9f%a7%a0-how-to-code-in-python-part-2-if-else-and-logic/2025-07-24T12:39:13+00:00monthlyhttps://socdfir.com/2025/07/21/%f0%9f%90%8d-how-to-code-in-python-getting-started-first-program-variables-and-user-input/2025-07-21T15:53:00+00:00monthlyhttps://socdfir.com/2025/07/17/%f0%9f%94%93-cve%e2%80%912025%e2%80%915777-citrixbleed-2-memory-leaks-mfa-bypass-and-full-session-hijack/https://socdfir.com/wp-content/uploads/2025/07/cyber-threat-critical-hazard.pngcyber-threat-critical-hazardhttps://socdfir.com/wp-content/uploads/2025/07/cyber-threat-critical-1.pngcyber-threat-criticalhttps://socdfir.com/wp-content/uploads/2025/07/cyber-threat-critical.pngcyber-threat-critical2025-07-17T13:32:19+00:00monthlyhttps://socdfir.com/2025/07/14/%f0%9f%a4%96-ai-powered-attacks-the-rise-of-machine-augmented-adversaries/https://socdfir.com/wp-content/uploads/2025/07/ai.pngai2025-07-14T17:27:10+00:00monthlyhttps://socdfir.com/2025/07/10/%f0%9f%94%a7-how-to-use-the-resume-automation-tool/2025-07-10T23:23:52+00:00monthlyhttps://socdfir.com/2025/07/09/%f0%9f%94%90-automating-resume-cover-letter-personalization-with-python-and-tkinter/2025-07-09T22:12:15+00:00monthlyhttps://socdfir.com/2025/07/09/side-quests-six-monitors-and-a-brain-on-fire-embracing-the-chaos-of-cyber-workflows/https://socdfir.com/wp-content/uploads/2025/07/cybersecurity-caffeine-1.pngcybersecurity-caffeinehttps://socdfir.com/wp-content/uploads/2025/07/cybersecurity-caffeine.pngcybersecurity-caffeine2025-07-09T14:16:15+00:00monthlyhttps://socdfir.com/2025/07/08/creating-a-network-traffic-baseline-and-detecting-anomalies-with-zeek-an-advanced-soc-analyst-guide/2025-07-08T21:02:49+00:00monthlyhttps://socdfir.com/2025/07/02/a-technical-guide-to-determining-what-ports-to-leave-open-via-firewall/https://socdfir.com/wp-content/uploads/2025/07/wireshark-packet-capture-tool.pngwireshark-packet-capture-toolhttps://socdfir.com/wp-content/uploads/2025/07/nessus-port-scanner.pngnessus-port-scannerhttps://socdfir.com/wp-content/uploads/2025/07/nessus.pngnessus2025-07-02T22:07:25+00:00monthlyhttps://socdfir.com/2025/06/29/from-host-to-hidden-multi-layered-vpn-tor-access-for-cyber-threat-intelligence/https://socdfir.com/wp-content/uploads/2025/06/vpn.pngvpn2025-06-29T17:09:17+00:00monthlyhttps://socdfir.com/2025/06/26/managing-burnout-in-cybersecurity-a-technically-driven-approach-to-sustainable-growth/2025-06-26T16:12:28+00:00monthlyhttps://socdfir.com/2025/06/26/%f0%9f%9b%a0%ef%b8%8f-automating-repetitive-tasks-with-python-a-blueprint-for-cybersecurity-workflows/https://socdfir.com/wp-content/uploads/2025/06/fake-python-code-not-on-a-screen.pngfake-python-code-not-on-a-screen2025-06-26T15:05:58+00:00monthlyhttps://socdfir.com/2025/06/19/cve-2025-2783-chrome-sandbox-escape-exploited-in-the-wild/https://socdfir.com/wp-content/uploads/2025/06/warning-cyberthreat.pngwarning-cyberthreat2025-06-19T21:39:20+00:00monthlyhttps://socdfir.com/2025/06/15/cybersecurity-for-dads-defending-the-digital-bbq/2025-06-15T15:15:23+00:00monthlyhttps://socdfir.com/2025/06/14/zero-day-spotlight-cve-2024-4577-php-cgi-argument-injection/https://socdfir.com/wp-content/uploads/2025/06/zero-day-attack.pngzero-day-attackhttps://socdfir.com/wp-content/uploads/2025/06/zero-day.pngzero-dayhttps://socdfir.com/wp-content/uploads/2025/06/attack-vector-av-network-attack-complexity-ac-low-privileges-required-pr-none-user-3.pngattack-vector-av-network-attack-complexity-ac-low-privileges-required-pr-none-userhttps://socdfir.com/wp-content/uploads/2025/06/attack-vector-av-network-attack-complexity-ac-low-privileges-required-pr-none-user-2.pngattack-vector-av-network-attack-complexity-ac-low-privileges-required-pr-none-userhttps://socdfir.com/wp-content/uploads/2025/06/attack-vector-av-network-attack-complexity-ac-low-privileges-required-pr-none-user-1.pngattack-vector-av-network-attack-complexity-ac-low-privileges-required-pr-none-user2025-06-14T14:47:20+00:00monthlyhttps://socdfir.com/2025/06/13/why-behavioral-detection-beats-signature-based-alerts-in-modern-socs/https://socdfir.com/wp-content/uploads/2025/06/behavioral-intrusion-detection-1.pngbehavioral-intrusion-detectionhttps://socdfir.com/wp-content/uploads/2025/06/behavioral-intrusion-detection.pngbehavioral-intrusion-detection2025-06-13T13:54:11+00:00monthlyhttps://socdfir.com/2025/06/10/dfir-and-soc-impact-on-the-dfir-series/https://socdfir.com/wp-content/uploads/2025/06/security-operations-analyst.pngsecurity-operations-analyst2025-06-10T12:41:55+00:00monthlyhttps://socdfir.com/2025/06/06/from-recon-to-remediation-the-dfir-series-part-7-actions-and-objectives/https://socdfir.com/wp-content/uploads/2025/06/data-exfiltration-1.pngdata-exfiltrationhttps://socdfir.com/wp-content/uploads/2025/06/data-exfiltration.pngdata-exfiltration2025-06-06T12:29:34+00:00monthlyhttps://socdfir.com/2025/06/05/from-recon-to-remediation-the-dfir-series-part-6-command-and-control/https://socdfir.com/wp-content/uploads/2025/06/query-ips-with-abuseipdb-1.pngquery-ips-with-abuseipdbhttps://socdfir.com/wp-content/uploads/2025/06/query-ips-with-abuseipdb.pngquery-ips-with-abuseipdbhttps://socdfir.com/wp-content/uploads/2025/06/example-ids-ips-log.pngexample-ids-ips-loghttps://socdfir.com/wp-content/uploads/2025/06/shodan-and-graynoise-ip-database.pngshodan-and-graynoise-ip-databasehttps://socdfir.com/wp-content/uploads/2025/06/shodan-graynoise-ip.pngshodan-graynoise-iphttps://socdfir.com/wp-content/uploads/2025/06/shodan-graynoise.pngshodan-graynoisehttps://socdfir.com/wp-content/uploads/2025/06/shodan-grayhat.pngshodan-grayhathttps://socdfir.com/wp-content/uploads/2025/06/shodan-ip-tool.pngshodan-ip-toolhttps://socdfir.com/wp-content/uploads/2025/06/shodan.pngshodan2025-06-05T10:50:53+00:00monthlyhttps://socdfir.com/2025/05/31/%f0%9f%8e%af-from-recon-to-remediation-intermission-a-deep-dive-into-living-off-the-land-binaries-lolbins/https://socdfir.com/wp-content/uploads/2025/05/digital-forensics-command-line.pngdigital-forensics-command-linehttps://socdfir.com/wp-content/uploads/2025/05/digital-forensics-2.pngdigital-forensicshttps://socdfir.com/wp-content/uploads/2025/05/digital-forensics-1.pngdigital-forensicshttps://socdfir.com/wp-content/uploads/2025/05/digital-forensics.pngdigital-forensicshttps://socdfir.com/wp-content/uploads/2025/05/advanced-persistent-threats.pngadvanced-persistent-threats2025-05-31T12:21:19+00:00monthlyhttps://socdfir.com/2025/05/29/from-recon-to-remediation-the-dfir-series-part-5-installation/https://socdfir.com/wp-content/uploads/2025/05/splunk-siem.pngsplunk-siemhttps://socdfir.com/wp-content/uploads/2025/05/splunk.pngsplunk2025-05-29T21:49:32+00:00monthlyhttps://socdfir.com/2025/05/27/from-recon-to-remediation-the-dfir-series-part-4-exploitation/2025-05-27T17:19:59+00:00monthlyhttps://socdfir.com/2025/05/26/from-recon-to-remediation-the-dfir-series-part-3-delivery/https://socdfir.com/wp-content/uploads/2025/05/fake-email-header-example-digital-forensics-1.pngfake-email-header-example-digital-forensics2025-05-26T16:55:23+00:00monthlyhttps://socdfir.com/2025/05/20/from-recon-to-remediation-the-dfir-series-part-2-weaponization/2025-05-20T16:41:46+00:00monthlyhttps://socdfir.com/2025/05/14/from-recon-to-remediation-the-dfir-series/2025-05-14T15:56:31+00:00monthlyhttps://socdfir.com/2025/05/11/protecting-the-women-who-protect-us-cybersecurity-tips-for-mom-this-mothers-day/2025-05-11T19:56:39+00:00monthlyhttps://socdfir.com/2025/05/10/how-social-engineering-and-email-security-collide-and-what-your-employees-can-do-to-protect-your-network/2025-05-10T13:31:22+00:00monthlyhttps://socdfir.com/2025/05/05/uniting-forces-how-dfir-and-soc-analysts-can-collaborate-to-mitigate-cyber-threats/2025-05-05T11:39:40+00:00monthlyhttps://socdfir.com/2025/05/03/%f0%9f%94%90-5-cybersecurity-habits-you-can-start-this-weekend-no-tech-degree-required/2025-05-03T13:11:10+00:00monthlyhttps://socdfir.com/2025/05/01/how-cysa-changed-my-mindset-to-think-like-a-cybersecurity-analyst/2025-05-01T10:25:03+00:00monthlyhttps://socdfir.com/2025/04/29/are-we-setting-ourselves-up-for-failure-rethinking-cybersecurity-hiring-practices/2025-04-29T15:25:11+00:00monthlyhttps://socdfir.com/2025/04/24/what-is-mfa-multi-factor-authentication-and-how-do-you-use-it/2025-04-24T12:05:11+00:00monthlyhttps://socdfir.com/2025/04/23/the-rise-in-cyberattacks-over-the-past-year-has-been-both/2025-04-23T15:44:00+00:00monthlyhttps://socdfir.comdaily1.02026-04-01T20:05:52+00:00