Microsoft DART released an article yesterday on how the malware known as Tarrask has been using scheduled tasks for defense evasion. This malware has been in use by an APT group known as HAFNIUM, likely most notably known for leveraging the 0-day known as ProxyShell a year ago. The article states that the malware...
How to start with host based threat hunting?
When I was first introduced to threat hunting years back, it was somewhat hard for me to grasp all the theory which was available on the internet. I did not have at the time any colleagues who had extensive experience in threat hunting, so I was struggling a bit to...