{ "id": "ff741ca8-ec73-4bf3-95a8-62248e9f75dd", "created_at": "2026-04-06T02:12:56.106704Z", "updated_at": "2026-04-10T03:35:29.05748Z", "deleted_at": null, "sha1_hash": "80efa0d17db06393ad01566b0156e55a3d755ff1", "title": "Aiden Mitchell - Detection Operations Lead", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 39439, "plain_text": "Aiden Mitchell - Detection Operations Lead\r\nBy Aiden Mitchell\r\nArchived: 2026-04-06 01:48:13 UTC\r\nAbout Me\r\nPassionate about security, community service, and emergency response.\r\nCo-founder @ OMCzero, a non-profit dedicated to preserving and archiving information related to local rail\r\ntransit systems in Metro Vancouver.\r\nVolunteering with TransLink, Metro Vancouver Transit Police, and Big Brothers of Greater Vancouver.\r\nCertified in emergency medical response. Pursuing an Emergency Medical Responder (EMR) license in early\r\n2026.\r\nStudying emergency mental health and psychological first aid through Johns Hopkins.\r\nLanguages\r\nEnglishFrench\r\nExperience\r\nSublime Security\r\nDetection Operations LeadJan 2026\r\nSenior Threat Detection EngineerMay 2025\r\nDetection EngineerNov 2024\r\nEmail Security AnalystNov 2023\r\nDetection Engineering InternNov 2022\r\nBroadstreet Properties\r\nCybersecurity SpecialistSep 2022\r\nIT Support SpecialistJul 2021\r\nSoftware \u0026 Tools\r\nhttps://aidenmitchell.ca/asyncrat-via-vbs/\r\nPage 1 of 3\n\nCloudSecurityIdentity/MDMNetworkingAIPlatformsLanguages\r\nAWSAzureCloudflare Workers PlatformElasticsearchSentinelOneSublime SecurityVantaActive DirectoryGoogle\r\nWorkspaceIntuneJamfKandjiSCCMCisco IOSMeshtasticpfSenseTailscaleUniFiClaude CodeOllamaPrompt\r\nEngineeringDockerESXiHome AssistantmacOSProxmoxSynology\r\nDSMUbuntuUnraidvSphereWindowsBashCSSHTMLPython\r\nPhilosophy\r\nSecular humanism, promoting human dignity without belief in a higher power.\r\n\"I choose science when I can, violence when I must, but silence is never an option.\"\r\nFavorite Quotes\r\n\"All sciences are precise. That's what science means.\"\r\n- Kent Davison (Veep, 2012-2019)\r\n\"Just by being born, technically, you changed the universe irrevocably.\"\r\n- Michael Stevens (Vsauce, 2016)\r\n\"What matters isn't if people are good or bad. What matters is if they're trying to be better today than they were\r\nyesterday.\"\r\n\"People improve when they get external love and support. How can we hold it against them when they don't?\"\r\n- Michael Realman (The Good Place, 2016-2020)\r\n\"True literature can exist only where it is created, not by diligent and trustworthy functionaries, but by madmen,\r\nhermits, heretics, dreamers, rebels, and skeptics.\"\r\n- Yevgeny Zamyatin (A Soviet Heretic: Essays, 1955)\r\n\"The number of hours we have together is actually not so large. Please linger near the door uncomfortably instead\r\nof just leaving. Please forget your scarf in my life and come back later for it.\"\r\n- Mikko Harvey (from his poem \"For M\", 2023)\r\n\"Of course I'll hurt you. Of course you'll hurt me. Of course we will hurt each other. But this is the very condition\r\nof existence. To become spring, means accepting the risk of winter. To become presence, means accepting the risk\r\nof absence.\"\r\n- Antoine de Saint-Exupéry (translated from French, date unknown)\r\n\"I'm advocating for accepting wisdom and insight from anyone who can bring it, regardless of where they come\r\nfrom. And in fact, if they come from someplace that's different than where I come from, I probably have more to\r\nlearn and more to gain than just talking to another person who agrees with me already.\"\r\nhttps://aidenmitchell.ca/asyncrat-via-vbs/\r\nPage 2 of 3\n\n- Rhett McLaughlin (Rich Roll podcast, 2025)\r\nBlog\r\nContact\r\nConnect\r\nSource: https://aidenmitchell.ca/asyncrat-via-vbs/\r\nhttps://aidenmitchell.ca/asyncrat-via-vbs/\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "references": [ "https://aidenmitchell.ca/asyncrat-via-vbs/" ], "report_names": [ "asyncrat-via-vbs" ], "threat_actors": [ { "id": "42a6a29d-6b98-4fd6-a742-a45a0306c7b0", "created_at": "2022-10-25T15:50:23.710403Z", "updated_at": "2026-04-10T02:00:05.281246Z", "deleted_at": null, "main_name": "Silence", "aliases": [ "Whisper Spider" ], "source_name": "MITRE:Silence", "tools": [ "Winexe", "SDelete" ], "source_id": "MITRE", "reports": null }, { "id": "d90307b6-14a9-4d0b-9156-89e453d6eb13", "created_at": "2022-10-25T16:07:23.773944Z", "updated_at": "2026-04-10T02:00:04.746188Z", "deleted_at": null, "main_name": "Lead", "aliases": [ "Casper", "TG-3279" ], "source_name": "ETDA:Lead", "tools": [ "Agentemis", "BleDoor", "Cobalt Strike", "CobaltStrike", "RbDoor", "RibDoor", "Winnti", "cobeacon" ], "source_id": "ETDA", "reports": null }, { "id": "eb5915d6-49a0-464d-9e4e-e1e2d3d31bc7", "created_at": "2025-03-29T02:05:20.764715Z", "updated_at": "2026-04-10T02:00:03.851829Z", "deleted_at": null, "main_name": "GOLD WYMAN", "aliases": [ "Silence " ], "source_name": "Secureworks:GOLD WYMAN", "tools": [ "Silence" ], "source_id": "Secureworks", "reports": null }, { "id": "88e53203-891a-46f8-9ced-81d874a271c4", "created_at": "2022-10-25T16:07:24.191982Z", "updated_at": "2026-04-10T02:00:04.895327Z", "deleted_at": null, "main_name": "Silence", "aliases": [ "ATK 86", "Contract Crew", "G0091", "TAG-CR8", "TEMP.TruthTeller", "Whisper Spider" ], "source_name": "ETDA:Silence", "tools": [ "EDA", "EmpireDNSAgent", "Farse", "Ivoke", "Kikothac", "LOLBAS", "LOLBins", "Living off the Land", "Meterpreter", "ProxyBot", "ReconModule", "Silence.Downloader", "TiniMet", "TinyMet", "TrueBot", "xfs-disp.exe" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775441576, "ts_updated_at": 1775792129, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/80efa0d17db06393ad01566b0156e55a3d755ff1.pdf", "text": "https://archive.orkl.eu/80efa0d17db06393ad01566b0156e55a3d755ff1.txt", "img": "https://archive.orkl.eu/80efa0d17db06393ad01566b0156e55a3d755ff1.jpg" } }