Tech Talk Tuesday

Threat Hunt For Malicious Account Usage Using Windows Event Logs

How To Threat Hunt for Malicious Account Usage Using the Windows Event Logs

The Windows event logs are a powerful funnel point for identifying hackers that leverage Windows accounts for access, lateral movement, and in other attack stages. In this edition of #TeckTalkTuesday, we explore logs within the advanced audit policy settings you can add to your threat hunting and incident response program to uncover attacker use of both domain-joined and local Windows accounts.


How to Threat Hunt For Wireless Network Compromise

Wireless networks are a key part of many corporate and home networks. In this edition of #TechTalkTuesday, we explore what wireless network attacks look like, and then cover four you can detect wireless attacks in your threat hunting and other cybersecurity efforts.


How to Discover Windows Run Key Persistence When Threat Hunting

Registry run key persistence is a popular technique used by APT37, Dragonfly, APT41 and many other attackers. In this edition of #TechTalkTuesday, we talk through the basics of run key persistence, how groups have used it, and how to look for run key persistence through your threat hunting, cybersecurity, and cyber threat intelligence efforts.

Scroll to Top