Powered By TEKGENX CONSULTING
Views: 37When performing threat hunting using Splunk on Windows systems, there are several important queries you can use to identify potential threats and security incidents. Here are some examples: This query looks for event code 4688, which indicates process creation events. It filters out known Splunk-related processes to focus on potentially suspicious activities. This query … Read more
Views: 30Abuse.ch Platform Abuse.ch is a research project hosted by the Institue for Cybersecurity and Engineering at the Bern University of Applied Sciences in Switzerland. It was developed to identify and track malware and botnets through several operational platforms developed under the project. These platforms are: MalwareBazaar As the name suggests, this project is an all … Read more
Views: 50Urlscan.io is a free service developed to assist in scanning and analysing websites. It is used to automate the process of browsing and crawling through websites to record activities and interactions. When a URL is submitted, the information recorded includes the domains and IP addresses contacted, resources requested from the domains, a snapshot of the … Read more
Views: 9Threat Intelligence Foundation: Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns on how to mitigate against potential risks associated with existing or emerging threats targeting organisations, industries, sectors or governments. To mitigate against risks, we can start by trying to answer a few simple questions: … Read more