DrKeithJones.com

Year: 2026

Hunting Lazy OPSEC: Spotting Default C2 Certificates with DuckDB and Zeek

April 22, 2026

Threat actors love to reuse tools, and sometimes, they get lazy. Case in point: AsyncRAT and its notorious fork, DcRAT. These remote access trojans often ship with default, self-signed certificates. If the…
Beyond the Grep: Hunting Malware with Zeek and DuckDB SQL

April 14, 2026

Hunting through raw Zeek logs just got a massive upgrade. If you’ve spent years in the SOC, you’ve likely built up a library of complex awk chains and grep commands to parse…
Ian Diaz – The U.S. Marshal, the Etsy Sonogram, and the Condo Plot

April 1, 2026

Imagine a real-life psychological thriller where the villain carries a federal badge. When a high-ranking U.S. Marshal’s relationship with his fiancé imploded over an Anaheim condo, he didn’t just walk away—he used…
Inside the North Korean Laptop Farm: How Christina Chapman Defrauded 300+ U.S. Companies from Arizona

March 26, 2026

This case isn’t the story of a criminal mastermind — it’s the story of a woman who quietly turned her Arizona home into a pipeline for North Korean operatives simply because she…