Blog | Security Joes

Hunting OpenClaw: Detection and Containment Guidance for Defenders

Threat Intelligence

Security Joes

1 day ago16 min read

LazarOps: APT Tactics Targeting the Developers Supply Chain [PART 1]

Threat Intelligence

Security Joes

Aug 14, 202511 min read

Weaponizing Windows Drivers: A Hacker's Guide for Beginners

In the never-ending cat-and-mouse game of cybersecurity, every advancement in defense inevitably drives attackers to evolve their...

Security Joes

Jul 15, 202510 min read

Incident Response In The Age of Malicious ML Model Artifacts

Modern Incident Response: Tackling Malicious ML Artifacts

Machine learning model files (e.g. .pkl, .pt, .onnx, .pb) can serve as stealthy malware carriers. When a serialized model is the root cause of a breach, incident responders face unique challenges in detection, analysis, and attribution.

Community

Security Joes

May 12, 202512 min read

Gaps in Traditional DFIR Playbooks: Machine Learning Models

Incidents involving malicious ML models reveal significant weaknesses in standard Digital Forensics and Incident Response (DFIR)...

Community

Security Joes

May 4, 202510 min read

Crowdstrike Global Outage: Effective Solutions To Mitigate The Impact

Crowdstrike outage

Security Joes

Jul 19, 20242 min read

Security's Achilles' Heel: Vulnerable Drivers on the Prowl

A notable trend in cyber threats nowadays is the exploitation of vulnerabilities in drivers through the Bring Your Own Vulnerable Driver...

Threat Intelligence

Security Joes

Jul 15, 202414 min read

Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout

Our investigation has revealed an innovative approach that leverages executables commonly found in the trusted WinSxS folder and exploits...

Security Joes

Jan 1, 20248 min read

Mission "Data Destruction": A Large-scale Data-Wiping Campaign Targeting Israel

Threat Intelligence

Security Joes

Nov 10, 20235 min read

Hunting OpenClaw: Detection and Containment Guidance for Defenders

LazarOps: APT Tactics Targeting the Developers Supply Chain [PART 1]

Weaponizing Windows Drivers: A Hacker's Guide for Beginners

Modern Incident Response: Tackling Malicious ML Artifacts

Gaps in Traditional DFIR Playbooks: Machine Learning Models

Crowdstrike Global Outage: Effective Solutions To Mitigate The Impact

Security's Achilles' Heel: Vulnerable Drivers on the Prowl

Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout

Mission "Data Destruction": A Large-scale Data-Wiping Campaign Targeting Israel

Headquarters

Dam Hamaccabim 38
Donna 1 Building
2nd Floor
Modiin, Israel

Follow-the-sun

Security Joes

Get in touch

Hunting OpenClaw: Detection and Containment Guidance for Defenders

LazarOps: APT Tactics Targeting the Developers Supply Chain [PART 1]

Weaponizing Windows Drivers: A Hacker's Guide for Beginners

Modern Incident Response: Tackling Malicious ML Artifacts

Gaps in Traditional DFIR Playbooks: Machine Learning Models

Crowdstrike Global Outage: Effective Solutions To Mitigate The Impact

Security's Achilles' Heel: Vulnerable Drivers on the Prowl

Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout

Mission "Data Destruction": A Large-scale Data-Wiping Campaign Targeting Israel

Headquarters

Dam Hamaccabim 38 Donna 1 Building 2nd Floor Modiin, Israel

Follow-the-sun

Security Joes

Get in touch

Dam Hamaccabim 38
Donna 1 Building
2nd Floor
Modiin, Israel