Mahdi Hutama | Fake CrowdStrike domain | On July 19, 2024, a widespread IT system outage occurred due to a CrowdStrike sensor update; the outage impacted Windows 10 and later… | 4d ago
Mahdi Hutama | Detecting new creation azure account and changes to PIM group activity | Microsoft Defender KQL custom detection rules | Jul 3
Mahdi Hutama | Detecting failed login attempts using disabled accounts | Microsoft Defender KQL custom detection rules | Jul 1
Mahdi Hutama | Detecting attempt by PowerShell process to disable Microsoft Defender’s Service or component | Microsoft Defender KQL custom detection rules | Jun 29
Mahdi Hutama | Checking the hash value of email attachments into MalwareBazaar IOCs | Microsoft Defender KQL custom detection rules | Jun 28
Mahdi Hutama | Find the file whose hash matches that of MalwareBazaar IOCs | Microsoft Defender KQL custom detection rules | Jun 25
Mahdi Hutama | Malicious chrome extension — Letsdefend challenge | Walkthrough: how to investigate a Chrome extension | Jun 25
Mahdi Hutama | ImageStegano — Letsdefend challenge | Walkthrough: how to investigate a malicious image | May 31
Mahdi Hutama | PDF Analysis — Letsdefend challenge | Walkthrough: how to investigate a malicious PDF file | Jan 11
Mahdi Hutama | MSHTML — Letsdefend challenge | Walkthrough: how to investigate malicious .docx and .doc files | Jan 1