Process Archives - /dev/random

[SANS ISC] Hunting for Suspicious Processes with OSSEC

September 20, 2018 OSSEC, SANS Internet Storm Center, Security 2 comments

I published the following diary on isc.sans.edu: “Hunting for Suspicious Processes with OSSEC“: Here is a quick exampleÂ of how OSSEC can be helpful to perform threat hunting. OSSECÂ is a free security monitoring tool/log management platform whichÂ has many features related to detecting malicious activity on a live system like the

Interesting List of Windows Processes Killed by Malicious Software

September 6, 2017 Malware, Security One comment

Just a quick blog post about an interesting sample that I found today. Usually, modern pieces of malware implement anti-debugging and anti-VM techniques. They perform some checks against the target and when a positive result is found, they silently exit… Such checks might be testing the screen resolution, the activity