Dror
dmarc=fail
So I applied for a cyber support position at a local company, and the reply came back flagged as a possible phishing attempt. A look at the…
Jun 28

Dror
Detecting beaconing behaviour with SPL
Beaconing is a communication behaviour that you would see from malware where an infected system sends network traffic to a command and…
Jun 17

Dror
SPL for DNS Tunneling
A couple of weeks ago I set up a honeypot using T-Pot, nothing too exciting. Most of the ‘attacks’ are mass scanners, just out there scanning…
Jun 12

Dror
How To Get Splunk to run a search every second
Yesterday I went through to Melbourne, and listened to a fascinating presentation on Business Automation using SOAR — basically how a…
Jun 8