Investigating PsExec Lateral Movement Activity. Why This Activity Stood Out: During a routine review of our security telemetry, we noticed…
Analyzing Scheduled Task Abuse Telemetry: A Practical Threat Hunting Investigation. Why This Activity Stood Out: During our recent hunt session,…
Detecting Suspicious Credential Dumping: A Realistic Threat Hunting Investigation. Observations that Caught Our Eye: On a routine scan of the…
Analyzing Rundll32 LOLBIN Abuse Telemetry: A Practical Threat Hunting Investigation. Initial Observations: During our routine review of security logs, we…
Hunting for Rundll32 LOLBIN Abuse: A Realistic Threat Hunt Investigation. Introduction: This journal details a recent threat hunt focused on…
Investigating MSHTA Execution Activity: A Threat Hunting Case Study. Why This Activity Stood Out: During our routine SOC monitoring, we…
Hunting for Credential Dumping Abuse: A Realistic Threat Hunting Investigation. Why This Activity Stood Out: During our routine monitoring, we…
Hunting for Scheduled Task Abuse: A Realistic Threat Investigation. Why This Activity Stood Out: During our routine SOC monitoring, we…
Detecting Suspicious Encoded PowerShell Execution: A Real Hunt Investigation. Why This Activity Stood Out: During a routine threat hunt on…
Analyzing MSHTA Execution Telemetry: A Realistic Threat Hunting Investigation. Why This Activity Stood Out: During a routine threat hunting session,…