3d ago · 7 min read · If you are just starting your cybersecurity journey, one tool you absolutely must know is Wireshark. Whether you are a student, a SOC analyst, or someone preparing for a certification like ISC2 CC or
Join discussion
Apr 30 · 10 min read · When I first heard about Intel 471’s Intelligence-Driven Threat Hunting Workshop: Vulnerability Post-Exploitation Behaviors, I wasn’t actively searching for another certification or workshop. In fact,
Join discussion
Feb 21 · 5 min read · In today’s walkthrough, we’re investigating another LetsDefend alert: SOC175 – PowerShell Found in Requested URL – Possible CVE-2022-41082 Exploitation During this analysis, I made a small but impo
Join discussion
Feb 19 · 3 min read · Today we’re investigating another LetsDefend alert: SOC164 – Suspicious Mshta Behavior This alert focuses on detecting suspicious usage of a legitimate Windows binary often abused by attackers. 🔎 Alert Overview From the monitoring page, we are pro...
Join discussion
Feb 19 · 3 min read · In this walkthrough, we investigate the SOC163 – Suspicious Certutil.exe Usage alert in the LetsDefend platform. 🔎 Alert Overview The monitoring dashboard shows an alert triggered for suspicious usage of certutil.exe. Certutil.exe is a legitimate ...
Join discussion
Feb 17 · 3 min read · Today we’re investigating another LetsDefend alert: SOC282 – Phishing Alert: Deceptive Mail Detected This alert focuses on identifying whether a suspicious email is malicious and determining the appropriate response actions. 🔎 Alert Overview From ...
Join discussion
Feb 15 · 4 min read · Today, we’re investigating another LetsDefend alert: SOC176 – RDP Brute Force Detected (EventID: 234). This alert focuses on suspicious Remote Desktop Protocol (RDP) activity that may indicate a brute force attack. 🔎 Alert Overview The alert det...
Join discussion
