#soc

RRridesh raju bijwerideshcyber.hashnode.dev

SOC169 – Possible IDOR Attack Detected Walkthrough (EventID:119)

Today, we’ll be investigating another LetsDefend SOC alert: SOC169 — Possible IDOR Attack Detected In this walkthrough, we’ll analyze how repeated web requests exposed a serious web application vulner

2d ago4 min read

MSMoustafa S. Kamelblog.klivvr.com

The Silent Scan

Picture this… A stranger walks up to your house at 3 AM. They quietly check your windows, test the door handle, then slip away. Your security cameras recorded everything. But the screen that shows th

3d ago6 min read

PHPrayush Hadaprayush.hashnode.dev

Beyond the Inbox: 5 Counter-Intuitive Truths from the SOC Frontlines

About the Author I am Prayush Hada, a SOC Analyst in CryptoGen Nepal. This post synthesizes my findings during my SOC internship, where I moved from following alerts to investigating the human logic b

5d ago4 min read

RRridesh raju bijwerideshcyber.hashnode.dev

SOC175 Walkthrough – PowerShell Found in Requested URL-Possible CVE-2022-41082 Exploitation Walkthrough (EventID:125)

In today’s walkthrough, we’re investigating another LetsDefend alert: SOC175 – PowerShell Found in Requested URL – Possible CVE-2022-41082 Exploitation During this analysis, I made a small but impo

6d ago5 min read

RRridesh raju bijwerideshcyber.hashnode.dev

SOC164 – Suspicious Mshta Behavior Walkthrough (EventID:114)

Today we’re investigating another LetsDefend alert: SOC164 – Suspicious Mshta Behavior This alert focuses on detecting suspicious usage of a legitimate Windows binary often abused by attackers. 🔎 Al

6d ago4 min read

AAAmit Ambekarmitrecyberattack.hashnode.dev

MITRE ATT&CK Cyber Incident Matrix (2026) - 📘 Part 1: Understanding the Cyber Attack Landscape Through MITRE ATT&CK 📘

Introduction In today’s hyper-connected digital world, cyberattacks have evolved from simple malware infections to complex, multi-stage campaigns involving reconnaissance, credential abuse, lateral mo

Feb 192 min read

RRridesh raju bijwerideshcyber.hashnode.dev

SOC164 - Suspicious Mshta Behavior Walkthrough (EventID:114)

Today we’re investigating another LetsDefend alert: SOC164 – Suspicious Mshta Behavior This alert focuses on detecting suspicious usage of a legitimate Windows binary often abused by attackers. 🔎 Alert Overview From the monitoring page, we are pro...

Feb 193 min read

RRridesh raju bijwerideshcyber.hashnode.dev

SOC163 – Suspicious Certutil.exe Usage Walkthrough (Event ID: 113)

In this walkthrough, we investigate the SOC163 – Suspicious Certutil.exe Usage alert in the LetsDefend platform. 🔎 Alert Overview The monitoring dashboard shows an alert triggered for suspicious usage of certutil.exe. Certutil.exe is a legitimate ...

Feb 193 min read

RRridesh raju bijwerideshcyber.hashnode.dev

⭐SOC282 – Phishing Alert: Deceptive Mail Detected Walkthrough (EventID:257)

Today we’re investigating another LetsDefend alert: SOC282 – Phishing Alert: Deceptive Mail Detected This alert focuses on identifying whether a suspicious email is malicious and determining the appropriate response actions. 🔎 Alert Overview From ...

Feb 173 min read

RRMFLeadAIrmfleadai.hashnode.dev

Beyond Log Collection: Building an AI-Native SIEM That Actually Stops Data Exfiltration

A comprehensive blueprint for telemetry, correlation, control plane enforcement, and measurable validation Abstract Modern adversaries no longer rely on known exploits or signature based malware. Data exfiltration campaigns increasingly use zero day ...

Feb 1627 min read

Tag feed

Tag feed

#soc

SOC169 – Possible IDOR Attack Detected Walkthrough (EventID:119)

The Silent Scan

Beyond the Inbox: 5 Counter-Intuitive Truths from the SOC Frontlines

SOC175 Walkthrough – PowerShell Found in Requested URL-Possible CVE-2022-41082 Exploitation Walkthrough (EventID:125)

SOC164 – Suspicious Mshta Behavior Walkthrough (EventID:114)

MITRE ATT&CK Cyber Incident Matrix (2026) - 📘 Part 1: Understanding the Cyber Attack Landscape Through MITRE ATT&CK 📘

SOC164 - Suspicious Mshta Behavior Walkthrough (EventID:114)

SOC163 – Suspicious Certutil.exe Usage Walkthrough (Event ID: 113)

⭐SOC282 – Phishing Alert: Deceptive Mail Detected Walkthrough (EventID:257)

Beyond Log Collection: Building an AI-Native SIEM That Actually Stops Data Exfiltration

#soc

Search Hashnode

#soc

SOC169 – Possible IDOR Attack Detected Walkthrough (EventID:119)

The Silent Scan

Beyond the Inbox: 5 Counter-Intuitive Truths from the SOC Frontlines

SOC175 Walkthrough – PowerShell Found in Requested URL-Possible CVE-2022-41082 Exploitation Walkthrough (EventID:125)

SOC164 – Suspicious Mshta Behavior Walkthrough (EventID:114)

MITRE ATT&CK Cyber Incident Matrix (2026) - 📘 Part 1: Understanding the Cyber Attack Landscape Through MITRE ATT&CK 📘

SOC164 - Suspicious Mshta Behavior Walkthrough (EventID:114)

SOC163 – Suspicious Certutil.exe Usage Walkthrough (Event ID: 113)

⭐SOC282 – Phishing Alert: Deceptive Mail Detected Walkthrough (EventID:257)

Beyond Log Collection: Building an AI-Native SIEM That Actually Stops Data Exfiltration