Tag: threat hunting
A Guide on Creating SIGMA Rules
Hello, cyber sentinels! Today, we’re going to make sense of SIGMA rules, piece by piece. Imagine it like a LEGO set. Each block has a …
Your Eyes on Suspicious RDP Logins
Hello, fellow threat hunters! If you’re here, you’re obviously on the prowl for malicious activities in your network. Today, we’re looking at an old favorite …
Why is lsass.exe Knocking on Port 80’s Door?
If you’re a threat hunter, you’ve probably encountered some puzzling behaviors. For example, the Windows process lsass.exe making an outbound connection to an internet address …