This is nice medium.com/@vanvleet/cr.... In Microsoft Sentinel you can use ingestion_time() to measure delays on ingestion and alert on them.
Creating Resilient Detections
How to make your threat detection queries resilient to ingest delay and query failures.
medium.com
November 22, 2024 at 12:43 PM
This is nice medium.com/@vanvleet/cr.... In Microsoft Sentinel you can use ingestion_time() to measure delays on ingestion and alert on them.
Spyware staging before host based data is collected. TCP connection is first used to verify CnC is live before continued execution.
Look out for page permissions and network connections like these in the same tree
Look out for page permissions and network connections like these in the same tree
April 1, 2024 at 6:23 PM
Spyware staging before host based data is collected. TCP connection is first used to verify CnC is live before continued execution.
Look out for page permissions and network connections like these in the same tree
Look out for page permissions and network connections like these in the same tree
04a34696c2cf0da7237f395b0eef934880482607d408eb92e6906cce6df1323b
app.malcore.io/share/65f0eeee…
overlap with :bea1d58d168b267c27b1028b47bd6ad19e249630abb7c03cfffede8568749203
app.malcore.io/share/65f0eeee…
overlap with :bea1d58d168b267c27b1028b47bd6ad19e249630abb7c03cfffede8568749203
March 31, 2024 at 12:30 AM
04a34696c2cf0da7237f395b0eef934880482607d408eb92e6906cce6df1323b
app.malcore.io/share/65f0eeee…
overlap with :bea1d58d168b267c27b1028b47bd6ad19e249630abb7c03cfffede8568749203
app.malcore.io/share/65f0eeee…
overlap with :bea1d58d168b267c27b1028b47bd6ad19e249630abb7c03cfffede8568749203
March 30, 2024 at 10:09 PM
me looking at a closed alert for F_1A33DA file name
September 4, 2023 at 4:09 PM
me looking at a closed alert for F_1A33DA file name
Reposted by ZombieLucy
Go Harden your Widows Security!
https://github.com/HotCakeX/Harden-Windows-Security
#Microsoft #Windows #Security
https://github.com/HotCakeX/Harden-Windows-Security
#Microsoft #Windows #Security
GitHub - HotCakeX/Harden-Windows-Security: Harden Windows Safely, Securely using Official Supported ...
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers...
github.com
August 21, 2023 at 12:51 PM
Go Harden your Widows Security!
https://github.com/HotCakeX/Harden-Windows-Security
#Microsoft #Windows #Security
https://github.com/HotCakeX/Harden-Windows-Security
#Microsoft #Windows #Security
August 13, 2023 at 2:41 PM
How to handle a true positive https://www.goblinloot.net/2023/08/investigate-two.html
August 13, 2023 at 2:41 PM
How to handle a true positive https://www.goblinloot.net/2023/08/investigate-two.html
Quality to analysis https://www.goblinloot.net/2023/08/investigate-three.html
August 13, 2023 at 2:40 PM
Quality to analysis https://www.goblinloot.net/2023/08/investigate-three.html
Inject adrenaline into your Endpoints https://www.goblinloot.net/2023/08/endpoint-on-adrenaline-3.html
August 13, 2023 at 2:40 PM
Inject adrenaline into your Endpoints https://www.goblinloot.net/2023/08/endpoint-on-adrenaline-3.html
Stop getting compromised https://www.goblinloot.net/2023/08/brilliance-in-basics.html
August 13, 2023 at 2:39 PM
Stop getting compromised https://www.goblinloot.net/2023/08/brilliance-in-basics.html
Give your endpoints adrenaline https://www.goblinloot.net/2023/07/endpoint-on-adrenaline-part-one.html?m=1
August 8, 2023 at 6:17 AM
Give your endpoints adrenaline https://www.goblinloot.net/2023/07/endpoint-on-adrenaline-part-one.html?m=1
Dismantle the want for entry level analysts
https://www.goblinloot.net/
https://www.goblinloot.net/
Goblin Loot
www.goblinloot.net
August 8, 2023 at 6:14 AM
Dismantle the want for entry level analysts
https://www.goblinloot.net/
https://www.goblinloot.net/