• Home
  • Active Directory Attack
  • Network Attack
  • SIEM
  • TOOLS
  • IOC
  • Mitre Att&ck
  • E-Mail Attack
Search
Security Investigation Be the first to investigate
  • Home
  • Active Directory Attack
    • CVE-2023-21554 – Hunt For MSMQ QueueJumper In The Environment

      OS Credential Dumping- LSASS Memory vs Windows Logs

      Credential Dumping using Windows Network Providers – How to Respond

      The Flow of Event Telemetry Blocking – Detection & Response

      UEFI Persistence via WPBBIN – Detection & Response

  • Network Attack
    • What is Port Forwarding and the Security Risks?

      CVE-2021-4034 - Polkit Vulnerability Exploit Detection

      CVE-2021-4034 – Polkit Vulnerability Exploit Detection

      DNSSEC – Domain Name System Security Extensions Explained

      Detect Most Common Malicious Actions in the Linux Environment

      Detect Most Common Malicious Actions in the Linux Environment

      How DNS Tunneling works – Detection & Response

  • SIEM
    • Cybersecurity Playbook for SOC

      Incident Response For Common Attack Types

      Threat Hunting Hypothesis Examples: Start For a Good Hunt!

      Advanced Cyber Security Interview Questions and Answers

      What is Surface web, Deep web and Dark web

  • TOOLS
    • Wireshark Filters for Security Analyst

      How to Perform Static Code Analysis on Packed Malware ?

      How to Detect Malware Hijacking Digital signatures

      Densityscout – Entropy Analyzer for Threat Hunting and Incident Response

      Malicious JQuery & JavaScript – Threat Detection & Incident Response

  • IOC
    • Phishing Scam Alert: Fraudulent Emails Requesting to Clear Email Storage Space…

      Vidar Infostealer Malware Returns with new TTPS – Detection & Response

      New WhiskerSpy Backdoor via Watering Hole Attack -Detection & Response

      RedLine Stealer returns with New TTPS – Detection & Response

      Understanding Microsoft Defender Threat Intelligence (Defender TI)

  • Mitre Att&ck
    • Threat Hunting Playbooks For MITRE TACTICS

      Masquerade Attack Part 2 – Suspicious Services and File Names

      Masquerade Attack – Everything You Need To Know in 2022

      MITRE D3FEND Knowledge Guides to Design Better Cyber Defenses

      Mapping MITRE ATT&CK with Window Event Log IDs

  • E-Mail Attack
    • Emotet Malware with Microsoft OneNote- How to Block emails based on…

      How DMARC is used to reduce spoofed emails ?

      Hackers Use New Static Expressway Phishing Technique on Lucidchart

      Weird Trick to Block Password-Protected Files to Combat Ransomware

      Phishing with Reverse Tunnels and URL Shorteners – Detection & Response

Home Tags Windows event logs

Tag: windows event logs

Windows Management Instrumentation Attacks – Detection & Response
Active Directory Attack

Windows Management Instrumentation Attacks – Detection & Response

Anusthika Jeyashankar -
November 1, 2021
0
Directory Services Restore Mode Password Reset – Event IDs to Monitor
Active Directory Attack

Directory Services Restore Mode Password Reset – Event IDs to Monitor

Anusthika Jeyashankar -
October 25, 2021
0
Lateral Movement Detection with Windows Event Logs
Active Directory Attack

Lateral Movement Detection with Windows Event Logs

BalaGanesh -
October 20, 2021
0
Logon Tracer – Investigate & Visualize Malicious Windows Logon
TOOLS

Logon Tracer – Investigate & Visualize Malicious Windows Logon

Harisuthan -
October 6, 2021
0
Threat Hunting Using Windows EventID 4648 – Logon/Logoff
Active Directory Attack

Threat Hunting Using Windows EventID 4648 – Logon/Logoff

BalaGanesh -
September 28, 2021
0
Top Windows Security Events Logs You Must Monitor
Active Directory Attack

Top Windows Security Events Logs You Must Monitor

BalaGanesh -
January 5, 2021
0

Newsletter

Loading
  • About Us
  • Contact Us
  • Privacy Policy
© Newspaper WordPress Theme by TagDiv