PsExec is a great tool for adversaries seeking to move laterally on your network, but it can be tricky to detect under certain circumstances. Learn what to look out for when threat hunting.
The following article originally appeared on the Carbon Black blog. The author, Jimmy Astle, is a senior threat researcher at Carbon Black and a speaker on the upcoming webinar: Testing Visibility to Develop an Innovative Threat Hunting Program. MITRE ATT&CK is arguably one of the best assets available to security professionals who want to dive into the intricacies of detecting and … Read More
You’ve heard the buzz around MITRE ATT&CK™ — but how do you apply this broad framework to your security program? We’re excited to kick off a three-part webinar series exploring how top security teams use ATT&CK as a roadmap to mature and expand their threat hunting programs. The first session features John Wunder, MITRE Principal Cybersecurity Engineer, alongside two long-time threat hunting gurus: Phil … Read More
A lesson I learned early in my career is that technology professionals often inherit older problems. This is especially true of administrators responsible for network services and security because they inherit the biggest snowball of problems: an enterprise network. Networks often grow in ways that make them harder to secure and maintain as they age, and admins often implement new … Read More
Preventing a breach is every security leader’s top priority. Stopping modern adversaries means having visibility and insight into their tactics, techniques, and behaviors. This two-part series takes readers behind the scenes of a compromised network environment in which multiple endpoints were infected with malware. Part 1 focuses on steps the malware took to establish persistence, while Part 2 will focus on … Read More