Mauricio Velazco · Hunting M365 Invaders: Dissecting Email Collection Techniques · Originally published at https://www.splunk.com. · 16 min read · May 3, 2024
Mauricio Velazco · Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard · Originally published at https://www.splunk.com. · 11 min read · Feb 15, 2024
Mauricio Velazco · Hunting M365 Invaders: Blue Team’s Guide to Initial Access Vectors · Originally published at https://www.splunk.com on January 4, 2024. · 17 min read · Jan 4, 2024
Mauricio Velazco · Sharing is Not Caring: Hunting for Network Share Discovery · Originally published at https://www.splunk.com on September 1, 2023. · 10 min read · Sep 1, 2023
Mauricio Velazco · Detecting Cloud Account Takeover Attacks · Originally published at https://www.splunk.com on Dec 6, 2022. · 6 min read · Dec 5, 2022
Mauricio Velazco · Detecting Active Directory Kerberos Attacks · Originally published at https://www.splunk.com on May 11, 2022. · 13 min read · May 11, 2022
Mauricio Velazco · Hunting for samAccountName Spoofing (CVE-2021-42278) & Domain Controller Impersonation… · Background · 4 min read · Dec 21, 2021
Mauricio Velazco · Simulating, Detecting, and Responding to Log4Shell · Like most cybersecurity teams, the Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect… · 4 min read · Dec 17, 2021
Mauricio Velazco · Detecting Active Directory Lateral Movement · Originally published at https://www.splunk.com on December 10, 2021. · 11 min read · Dec 10, 2021
Mauricio Velazco · Detecting Active Directory Discovery · Originally published at https://www.splunk.com on October 4, 2021. · 13 min read · Oct 4, 2021