Emotet is a trojan malware that steals sensitive information. Many companies are concerned that their users will get infected by this malware and might leak sensitive information.
A customer I’m currently helping with their Security Operations Center (SOC) asked me, how they can detect Emotet in their environment.
Here’s what I came up with – maybe it helps you detecting Emotet or similar malware in your environment, too! (more…)
When it comes to securing Windows Systems, it doesn’t matter if you harden a Domain Controller, a server system or a client – one thing they all have in common:
There are baselines provided by Microsoft, which security settings should be applied for each system.
Amongst others, there are some audit recommendations included.
I often work with customers who just started building their Security Operations Center (SOC). Many customers are confused by the variety of Windows Events: which events should be monitored? Which events will be generated when a specific baseline is applied?
Writing down each event and monitoring recommendations would be a huge effort. That’s why I automated it and created EventList – I hope, it helps you, too! (more…)
miriamxyra 