Feed
Discussion
SOC163 β Suspicious Certutil.exe Usage Walkthrough (Event ID: 113)
In this walkthrough, we investigate the SOC163 β Suspicious Certutil.exe Usage alert in the LetsDefend platform. π Alert Overview The monitoring dashboard shows an alert triggered for suspicious usage of certutil.exe. Certutil.exe is a legitimate ...
rideshcyber.hashnode.dev3 min read
#lolbin#blueteam#cybersecurity#cybersecurity-1#infosec-cjbi6apo9015yaywu2micx2eo#monitoring#threat-hunting#threat-intelligence#letsdefend#learning-in-public#soc-analyst#soc
Responses
No responses yet.