Home
Active Directory Attack
Network Attack
SIEM
TOOLS
IOC
Mitre Att&ck
E-Mail Attack
Search
Security Investigation
Be the first to investigate
Home
Active Directory Attack
OS Credential Dumping- LSASS Memory vs Windows Logs
Credential Dumping using Windows Network Providers – How to Respond
The Flow of Event Telemetry Blocking – Detection & Response
UEFI Persistence via WPBBIN – Detection & Response
Microsoft Notified Blueteam to Monitor Sqlps.exe and Powershell
Network Attack
What is Port Forwarding and the Security Risks?
CVE-2021-4034 – Polkit Vulnerability Exploit Detection
DNSSEC – Domain Name System Security Extensions Explained
Detect Most Common Malicious Actions in the Linux Environment
How DNS Tunneling works – Detection & Response
SIEM
Anatomy Of The Ransomware Cybercrime Economy
Anatomy Of An Advanced Persistent Threat Group
Out-of-Band Application Security Testing – Detection and Response
Splunk Commands – BIN and its Arguments
Microsoft Cloud App Security Anomaly Detection Policies
TOOLS
Free Ransomware Decryption tool -No More Ransom
How to Remove Database Malware from Your Website
Most Common Malware Obfuscation Techniques
Web Malware Removal | How to Remove Malware From Your Website?
What is a WAF? | Web Application Firewall Explained
IOC
WEBBFUSCATOR Campaign New TTPS – Detection & Response
Remcos RAT New TTPS – Detection & Response
Malicious PowerPoint Document Spreads with New TTPS – Detection & Response
CVE-2017-0199 – Old Flaws New Techniques
Raccoon Infostealer Malware Returns with New TTPS – Detection & Response
Mitre Att&ck
Masquerade Attack Part 2 – Suspicious Services and File Names
Masquerade Attack – Everything You Need To Know in 2022
MITRE D3FEND Knowledge Guides to Design Better Cyber Defenses
Mapping MITRE ATT&CK with Window Event Log IDs
Advance Mitre Threat Mapping – Attack Navigator & TRAM Tools
E-Mail Attack
Hackers Use New Static Expressway Phishing Technique on Lucidchart
Weird Trick to Block Password-Protected Files to Combat Ransomware
Phishing with Reverse Tunnels and URL Shorteners – Detection & Response
How to spot a phishing email?
Google SMTP Relay Abused to Deliver Phishing Emails
Home
Tags
Event id 4648
Tag: event id 4648
Active Directory Attack
Most Common Windows Event IDs to Hunt – Mind Map
BalaGanesh
-
November 3, 2021
0
Active Directory Attack
Windows Management Instrumentation Attacks – Detection & Response
Anusthika Jeyashankar
-
November 1, 2021
0
Active Directory Attack
Threat Hunting Using Windows EventID 4648 – Logon/Logoff
BalaGanesh
-
September 28, 2021
0
Active Directory Attack
Threat Hunting Using Windows Security Log
Anusthika Jeyashankar
-
September 27, 2021
0
