Derek King has published another post as part of his “Hunting with Splunk: The Basics” series. This time he is discussing lateral movement – one of the key indicators when you actually have an APT in your network as Ryan Kovar said.
-
-
AutoMacTC: Automated Mac Forensic Triage Collector
AutoMacTC is a modular forensic triage collection framework designed to access various for… -
The Five Most Dangerous New Attack Techniques and How to Counter Them
Which are the most dangerous new attack techniques? How do they work? How can you stop the…
Load More Related Articles
-
Detecting PowerShell Empire Shenanigans with Sysinternals
In this post Ben Bornholm writes about how to detect PowerShell Empire using the tools fro… -
Analyzing the Windows LNK File Attack Method
An interesting post by D3xt3r’s Malware Laboratory describing another example of usi… -
Cobalt Strike Remote Threads Detection
Olaf Hartong has writted a blog post in which he shows how to use “Create Remote Thread” e…
Load More In Tips & Tricks
