Mauricio Velazco | Hunting M365 Invaders: Dissecting Email Collection Techniques | Originally published at https://www.splunk.com. | May 31
Mauricio Velazco | Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard | Originally published at https://www.splunk.com. | Feb 15
Mauricio Velazco | Hunting M365 Invaders: Blue Team’s Guide to Initial Access Vectors | Originally published at https://www.splunk.com on January 4, 2024. | Jan 4
Mauricio Velazco | Sharing is Not Caring: Hunting for Network Share Discovery | Originally published at https://www.splunk.com on September 1, 2023. | Sep 1, 2023
Mauricio Velazco | Detecting Cloud Account Takeover Attacks | Originally published at https://www.splunk.com on Dec 6, 2022. | Dec 5, 2022
Mauricio Velazco | Detecting Active Directory Kerberos Attacks | Originally published at https://www.splunk.com on May 11, 2022. | May 11, 2022
Mauricio Velazco | Hunting for samAccountName Spoofing (CVE-2021-42278) & Domain Controller Impersonation… | Background | Dec 21, 2021
Mauricio Velazco | Simulating, Detecting, and Responding to Log4Shell | Like most cybersecurity teams, the Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect… | Dec 17, 2021
Mauricio Velazco | Detecting Active Directory Lateral Movement | Originally published at https://www.splunk.com on December 10, 2021. | Dec 10, 2021
Mauricio Velazco | Detecting Active Directory Discovery | Originally published at https://www.splunk.com on October 4, 2021. | Oct 4, 2021