This post breaks down what the term living-off-the-land (LOTL) actually means in cybersecurity for defenders. Malware-free, file-less malware, LOTL, they are all terms used to describe threats, sometimes interchangeably, but do the mean the same thing? The lines between legitimate user operations and malicious activities have become blurred.

I wrote a tool in Python for scanning DNS mail records. This tool helps organisations identify misconfigurations in MX, SPF, and DMARC records that can help prevent domain impersonation attacks, commonly used in phishing attacks.

Discussion of the relevance of the best evidence rule in the Australian legal context for digital evidence.

This report discusses future developments and challenges in evidence recovery for digital forensics and new laws, techniques and technology developed to overcome these issues.

This post describes my experience preparing for and passing the Microsoft Cybersecurity Architect certification exam (SC-100). I’ll describe some background about the exam and the resources I used, I’ll also provide my notes.