Month: June 2023
Security Event IDs for Threat Hunters
Join us as we unravel the secrets of threat hunting, diving deep into various event IDs that expose hidden risks and potential cyber threats. From [more…]
Event 4713: The Shift in Kerberos Policy
Greetings, fellow cybersecurity enthusiasts! In today’s cyber adventure, we’re shining a spotlight on Event 4713 – a Kerberos policy change. Grab your digital detective hats, [more…]
Event 4693: A Key Recovery Attempt Unveiled
Hello, cyber guardians! Today, we’re entering the world of cryptographic keys as we explore Event 4693. This one’s about an attempt to recover a data [more…]
Audit Log Wipe: Understanding Event 1102
Hello, cyber guardians! Today, we’re exploring Event 1102. If you’re thinking that’s just another number in a sea of events, think again. This event signals [more…]
OCSP Responder Service: A Security Update Has Occurred
Hello, cyber guardians! Today, we’re zooming in on an event that doesn’t always get the spotlight but is crucial: a security setting update on [more…]
Role Separation: The Power of Partitioning
Hey there, cyber guardians! In our quest to keep the digital world safe, we’ve tackled many topics. Today, let’s dive into the concept of “Role [more…]
System Audit Policy: Change Alert!
Hello, cybersecurity champions! Today we’re cracking open the case of a “System Audit Policy Change”. Sounds serious, right? But don’t worry, we’ve got your back. [more…]
Detecting a Monitored Security Event Pattern
Hello, cybersecurity warriors! Today we’re diving into an essential aspect of threat hunting: the detection of a monitored security event pattern. It’s a mouthful, isn’t [more…]
A Guide on Creating SIGMA Rules
Hello, cyber sentinels! Today, we’re going to make sense of SIGMA rules, piece by piece. Imagine it like a LEGO set. Each block has a [more…]
Your Eyes on Suspicious RDP Logins
Hello, fellow threat hunters! If you’re here, you’re obviously on the prowl for malicious activities in your network. Today, we’re looking at an old favorite [more…]