I published the following diary on isc.sans.org: “Extending Hunting Capabilities in Your Network”:
Today’s diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first recipe could miss some malicious files in the following scenarios… [Read more]