You might be interested in …

[NCSC-FI News] Sysmon’s RegistryEvent (Value Set)

A colleague asked me about Sysmon’s event ID 13 RegistryEvent (Value Set). They wanted to know if binary data could be recorded in event 13. Sysmon can record changes to the registry by configuring setting RegistryEvent. This is an example of a simple config to record all registry changes (don’t use this in production). Source: […]

Read More

[TheRecord] U.S. offers $5 million for info on North Korean cyber operators

The State Department announced Friday that it is offering a reward of up to $5 million for information about North Korean digital operations that help keep the regime afloat and fund its weapons programs. The department’s Rewards for Justice program will issue the money for “information on those who seek to undermine cybersecurity, including financial […]

Read More

[ThreatPost] 2021 Attacker Dwell Time Trends and Best Defenses

All posts, ThreatPost

The time that attackers stay hidden inside an organization’s networks is shifting, putting pressure on defenders and upping the need to detect and respond to threats in real-time. Source: Read More (Threatpost)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.