Most Recent

Threat Hunting using Proxy Logs – Soc Incident Response Procedure

Phishing, data exfiltration and droppers! Businesses need the right controls in place to detect and block cyber-attacks. A web proxy is one of...

Directory Services Restore Mode Password Reset – Event IDs to Monitor

Attackers usually strive to remain on a compromised machine for extended periods in order to achieve their goals. Persistence is an attack phase that comes...

What is the MITRE ATT&CK Framework? How Is It Useful

Introduction: MITRE ATT&CK is an open-source framework that focuses on understanding and becoming familiar with adversary tactics and techniques based on real-world observations,...

Persistence Remote Password Reset – Event IDs to Monitor

Adversaries may manipulate accounts to maintain access to victim systems. Account manipulation may consist of any action that preserves adversary access to a compromised...

Lateral Movement Detection with Windows Event Logs

Lateral movement refers to the behavior of attackers who, after gaining initial access to an asset, move around the compromised network in search of sensitive...
