Keep Your Credentials Safe: Hunting Spraykatz with Sysmon
Attackers use the Spraykatz tool to harvest credentials while conducting lateral movement. Lateral movement is when a cyber-attacker…
To apply this detection rule, convert it to your SIEM's query language. It is also recommended to update…
An adversary may attempt to block indicators or events typically captured by sensors from being gathered and analyzed. This could…
Adversaries may implement hidden windows to conceal malicious activity from the plain sight of users. In some cases, windows that…
To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a…
Malware, tools, or other non-native files dropped or created on a system by an adversary may leave traces behind as…
File and directory permissions are commonly managed by discretionary access control lists (DACLs) specified by the file or directory owner.…