Alain Tran
I'm on the path to becoming a SOC Analyst.
Recently passed the CompTIA CySA+, and now pursuing the HTB CDSA afterward for hands-on experience.
Latest write-ups
SOC336 - Windows OLE Zero-Click RCE Exploitation Detected (CVE-2025-21298)
Detection and investigation of a confirmed Windows OLE zero-click RCE exploitation via a malicious RTF email. OUTLOOK.EXE spawned cmd.exe which executed regsvr32.exe to retrieve a remote payload from a C2 server. The proxy permitted the outbound request. Host was isolated and escalated to L2.
RDP Brute Force Attack on WIN-SERVER - Triage #001
Detection and investigation of an automated RDP brute force attack targeting the Administrator account on WIN-SERVER, originating from an internal Kali Linux machine.