You're listening to the CyberWire Network, powered by N2K.

Today's episode is sponsored by SRM, your first call for cybersecurity and

investigations. Threats today are evolving faster than ever before and since 2005 SRM has pioneered

tailored security solutions for global corporations and their executives.

Whether it's defending against cyber attacks with their award-winning team of ethical hackers and incident response specialists,

or navigating the murky waters of compliance and ESG challenges,

SRMs, Insight and Straight straightforward advice will help you navigate complex risks

and emerge more resilient.

Their secret, a culture that nurtures the sharpest minds, giving them access to the newest technologies and the freedom

to solve problems in new ways, enabling them to craft simple effective solutions for your

unique cyber challenges.

Search your first call to discover how SRM can help your business. Hello everyone and welcome to the CyberWire's Research Saturday.

I'm Dave Bitner and this is our weekly conversation with researchers and analysts tracking

down threats and vulnerabilities, solving some of the hard problems of protecting

ourselves in a rapidly evolving cyberspace.

Thanks for joining us. As part of our regular threat hunting, we saw some weird events, power shell events.

We saw them regularly for over a year.

Only when a user contacted us,

we figured out that the events are coming from a pirated windows installation.

That's Tom Roter. He's a security researcher at Minerva Labs. The research we're discussing today is titled

Rigging a Windows installation.

You can sense to glory. If this is started something.

...