SwiftOnSecurity Feb 2
My Sysmon config sees the shell/open reg key being written, if you want to alert on this. /cc
SwiftOnSecurity
If you understand the leverage patterns in a system, attackers can develop new methods and you can still catch them, years ahead of time.
SwiftOnSecurity Feb 2
Replying to @SwiftOnSecurity
<TargetObject name="T1042" condition="contains">\command\</TargetObject> <!--Windows: Sensitive sub-key under file associations and CLSID that map to launch command-->
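An added example, not part of the original thread or of the author's config: a small Python evaluator that applies the quoted rule line to constructed registry events, to show what the trailing backslash in `\command\` does and does not match. It assumes Sysmon's case-insensitive condition matching and that value-set events (ID 13) carry the value name appended to the key path while key-creation events (ID 12) carry only the key path; the helper names and all sample events are hypothetical.

```python
import xml.etree.ElementTree as ET

# Rule line as quoted in the thread (XML comment omitted).
RULE_XML = r'<TargetObject name="T1042" condition="contains">\command\</TargetObject>'

# Subset of Sysmon filter conditions, modelled as case-insensitive string tests.
CONDITIONS = {
    "is": lambda value, needle: value == needle,
    "contains": lambda value, needle: needle in value,
    "begin with": lambda value, needle: value.startswith(needle),
    "end with": lambda value, needle: value.endswith(needle),
}

def load_rule(xml_text):
    """Parse one filter element into field / rule name / condition / value."""
    el = ET.fromstring(xml_text)
    return {"field": el.tag, "name": el.get("name"),
            "condition": el.get("condition", "is"), "value": el.text or ""}

def matches(rule, event):
    """True when the event's field satisfies the rule's condition."""
    value = event.get(rule["field"])
    if value is None:
        return False
    test = CONDITIONS[rule["condition"]]
    return test(value.lower(), rule["value"].lower())

def triage(rule, events):
    """Return (EventID, TargetObject) for every event the rule would tag."""
    return [(e["EventID"], e["TargetObject"]) for e in events if matches(rule, e)]

# Constructed sample events (assumed field shapes, not captured logs).
SAMPLE_EVENTS = [
    # Key creation: path ends at the key itself, so there is no trailing backslash.
    {"EventID": 12, "TargetObject": r"HKU\S-1-5-21-EXAMPLE\Software\Classes\exampleprog\shell\open\command"},
    # Value set under the launch-command key, mixed case, value name appended.
    {"EventID": 13, "TargetObject": r"HKU\S-1-5-21-EXAMPLE\Software\Classes\exampleprog\Shell\Open\Command\(Default)"},
    # CLSID value that is not under a "command" sub-key.
    {"EventID": 13, "TargetObject": r"HKLM\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\LocalServer32\(Default)"},
    # Key whose name merely starts with "Command".
    {"EventID": 13, "TargetObject": r"HKLM\SOFTWARE\Example\CommandLine\Args"},
]

if __name__ == "__main__":
    rule = load_rule(RULE_XML)
    for event_id, target in triage(rule, SAMPLE_EVENTS):
        print(rule["name"], event_id, target)
```

Under these assumptions only the value write beneath the `command` key is tagged; the bare key creation and the `CommandLine` look-alike are not.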