Published in Detect FYI
Event Log Manipulations - Time slipping
After reading Alex’s latest article, I’m inspired to start a detection series dedicated to Event Log manipulation techniques, with our first…
Jan 13, 2024

Published in Detect FYI
Threat Hunting — Suspicious Windows Service Names
Simulation and Detection
Jan 8, 2024

Published in Detect FYI
Threat Hunting - Suspicious User Agents
Hunting for Suspicious User Agents with Splunk
Jan 1, 2024

Published in Detect FYI
Detecting DNS over HTTPS
Detecting DNS over HTTPS - DoH with a SIEM - logs analysis
Nov 7, 2023

Published in Detect FYI
Threat Hunting - Suspicious TLDs
Nov 3, 2023

Published in OSINT Team
Catching My Hacker via Leaked Databases
How I got hacked and tracked the hacker with leaked databases
Oct 4, 2023

Published in Detect FYI
Detect DLL Hijacking techniques from HijackLibs with Splunk
Splunk detection searches
Oct 1, 2023

The Myths and Realities of VPNs
Have you also noticed the aggressive advertising campaigns for VPN providers, promoted by social media influencers and YouTube creators …
Sep 30, 2023

Published in Detect FYI
How Threat Actors use Pastebin
Why is it important to monitor paste sites? Detection tips
Aug 24, 2023