Thought Pieces

This section contains original thought pieces rather than technical write-ups. Its pieces are hosted entirely on jaiminton.com.

Employing FeatureUsage for Windows 10 Taskbar Forensics

Research into a registry artifact known as ‘FeatureUsage’ and how it can be used in digital forensics investigations.

Finding, Hunting and Eradicating Spicy Hot Pot, a Persistent Browser Hijacking Rootkit

Investigation into a persistent browser hijacking rootkit known as ‘Spicy Hot Pot’.

Falcon Complete Stops Microsoft Exchange Server Zero-Day Exploits

Analysis of a 0-day vulnerability causing mass exploitation of Microsoft Exchange servers.

Malicious Self-Extracting Archives, Decoy Files and Their Hidden Payloads

Analysis of an empty SFX archive with hidden functionality to allow it to be used as a backdoor.

Detection Guidance for ConnectWise CVE-2024-1709

How to detect exploitation of ConnectWise CVE-2024-1709.

Advanced Persistent Threat Targeting Vietnamese Human Rights Defenders

Finding an APT which had been present in an environment for years and analysing their malware.

Oh No Cleo! Cleo Software Actively Being Exploited in the Wild

Investigation into a 0-day present in Cleo software that was actively being exploited in the wild.

Oh No Cleo! Malichus Implant Malware Analysis

Deep dive investigation into an implant targeting Cleo software which we named ‘Malichus’.

Rapid Response: Samsung MagicINFO 9 Server Flaw

Analysis of a 0-day exploited in the wild on Samsung digital signage content management software, wrongly attributed to CVE-2024-7399 (which was later designated CVE-2025-4632).

Research: Axis Camera Exploitation

Analysis of exploitation via CVE-2025-30023/4/5/6 detected in the wild on Axis Communications surveillance products, which began 7 days after public disclosure of the vulnerability.