Threat Hunting for LSASS Credential Dumping with Wazuh and Sysmon: Simulations Using Atomic Red Team and Custom Rules -

Latest Posts

6 min read 0

SIEM
Wazuh

Threat Hunting for LSASS Credential Dumping with Wazuh and Sysmon: Simulations Using Atomic Red Team and Custom Rules

Sabrein Serag El Din
September 4, 2025

This guide provides a comprehensive walkthrough for setting up Sysmon and Wazuh to monitor Windows systems, with a focus on…

5 min read 1

Investigating a Web Portal Compromise: A Case Study for Cybersecurity Investigators

Samiul Islam
March 2, 2025

Introduction Cyber threats targeting public-facing web applications are increasing, with attackers deploying stealthy techniques to gain unauthorized access. This case…

2 min read 0

🎭 Ransomware Flash: Kraken ransomware allegedly breached Cisco

Sabrein Serag El Din
February 10, 2025

Victim Organization: CiscoCountry: United StatesAttack Type: RansomwareRansomware group: KrakenDate of Attack: 09-02-2025Ransom Amount: Not specified 🔍 Incident Overview On February 09, 2025, the ransomware group Kraken…

2 min read 0

🎭 Ransomware Flash: RansomHub Claims Attack on Southern Arkansas University Tech

Sabrein Serag El Din
February 9, 2025

Victim Organization: Southern Arkansas University Tech ‘sautech.edu’Country: United StatesAttack Type: RansomwareRansomware group: RansomHubDate of Attack: 07-02-2025Ransom Amount: Not specified 🔍 Incident Overview On February 7, 2025,…

4 min read 0

Lumma Stealer: The.PIF File Path Execution and Data Theft

Redowan Zaman Anik
February 9, 2025

Lumma Stealer is a sophisticated information-stealing malware that primarily targets credentials, browser data, and system information. One of the key…

1 min read 0

Ransomware Flash: Wilson Tarquin Falls Victim to killsec Ransomware

Sabrein Serag El Din
February 6, 2025

Victim Organization: Wilson TarquinCountry: United KingdomAttack Type: RansomwareRansomware group: killsecDate of Attack: 18-11-2024Ransom Amount: €25,000 Wilson Tarquin Limited, a UK-based…

3 min read 1

PECmd: A Powerful Tool for DFIR and Incident Response

engrarifcce@gmail.com
February 3, 2025

In digital forensics and incident response (DFIR), the ability to analyze artifacts efficiently is critical to uncovering malicious activity. One…

5 min read 2

Beginner’s Guide to Calculating Events Per Second (EPS) and Log Storage in Wazuh

Samiul Islam
February 2, 2025

Introduction Monitoring Events Per Second (EPS) and log storage usage in Wazuh is essential for maintaining system performance, storage efficiency,…

Banner Posts

Threat Hunting for LSASS Credential Dumping with Wazuh and Sysmon: Simulations Using Atomic Red Team and Custom Rules

Investigating a Web Portal Compromise: A Case Study for Cybersecurity Investigators

🎭 Ransomware Flash: Kraken ransomware allegedly breached Cisco

Grid Posts

Threat Hunting for LSASS Credential Dumping with Wazuh and Sysmon: Simulations Using Atomic Red Team and Custom Rules

Investigating a Web Portal Compromise: A Case Study for Cybersecurity Investigators

🎭 Ransomware Flash: Kraken ransomware allegedly breached Cisco

🎭 Ransomware Flash: RansomHub Claims Attack on Southern Arkansas University Tech

Latest Posts

Threat Hunting for LSASS Credential Dumping with Wazuh and Sysmon: Simulations Using Atomic Red Team and Custom Rules

Investigating a Web Portal Compromise: A Case Study for Cybersecurity Investigators

🎭 Ransomware Flash: Kraken ransomware allegedly breached Cisco

🎭 Ransomware Flash: RansomHub Claims Attack on Southern Arkansas University Tech

Lumma Stealer: The.PIF File Path Execution and Data Theft

Ransomware Flash: Wilson Tarquin Falls Victim to killsec Ransomware

PECmd: A Powerful Tool for DFIR and Incident Response

Beginner’s Guide to Calculating Events Per Second (EPS) and Log Storage in Wazuh