SANS ISC

[SANS ISC] Extending Hunting Capabilities in Your Network

I published the following diary on isc.sans.org: “Extending Hunting Capabilities in Your Network“: Today’s diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first

SANS ISC

[SANS ISC] Automatic Hunting for Malicious Files Crossing your Network

I published the following diary on isc.sans.org: “Automatic Hunting for Malicious Files Crossing your Network“: If classic security controls remain mandatory (antivirus, IDS, etc), it is always useful to increase your capacity to detect suspicious activities occurring in your networks. Here is a quick recipe that I’m using to detect

SANS ISC

[SANS ISC] Administrator’s Password Bad Practice

I published the following diary on isc.sans.org: “Administrator’s Password Bad Practice“: Just a quick reminder about some bad practices while handling Windows Administrator credentials. I’m constantly changing my hunting filters on VT. A few days ago, I started to search for files/scripts that use the Microsoft SysInternals tool psexec. For system administrators,

1 2 3 175