all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Incident Response with Splunk 3: Investigating Windows & Powershell Anomalies

Add to bookmarks
Feb. 10, 2024, 4:11 a.m. | CYBERWOX

Day Cyberwox www.youtube.com

TIMESTAMPS
00:00 Intro
05:32 Bringing Tadi on & more greetings
10:26 Whose background looks nicer?
16:18 Thank you!
17:10 Why Splunk? (Depth & Breadth of Knowledge)
19:15 The Challenge
23:13 Orienting ourselves on the data
25:25 Backdoor user investigation
29:07 Registry modification activity
52:35 Investigating the impersonated user
54:05 Remote backdoor activity
58:59 Gemini, Bard & Copilot
01:00:59 Logins from backdoor user
01:30:40 I DIDN'T TRY ZERO
01:32:50 The compromised host
01:33:44 Powershell execution
01:48:50 Encoded PowerShell script
02:04:29 Outro …

amp backdoor challenge data incident incident response investigation knowledge modification nicer powershell registry response splunk timestamps windows

Visit resource

More from www.youtube.com / Day Cyberwox

Modern Detection Engineering w/ Jimmy Vo | CYBER STORIES EP 15 3 days, 1 hour ago | www.youtube.com
academy career cloudcomputing clouds +19
What Does a Cybersecurity Incident Response Engineer Do? #cybersecurity #malware 5 days, 1 hour ago | www.youtube.com
academy affiliate cloud cloudcomputing +24
Asking Ex-Helpdesks How To Transition Into Cybersecurity 5 days, 7 hours ago | www.youtube.com
asking cybersecurity helpdesk it support +7
What Does a Cybersecurity Detection & Response Engineer DO? #cybersecurity 6 days, 1 hour ago | www.youtube.com
academy affiliate cloud cloudcomputing +21
What Does A Cybersecurity Engineer Do? (Corporate Security) #cybersecurity 1 week, 1 day ago | www.youtube.com
academy affiliate cloud cloudcomputing +21
Cybersecurity Engineering Careers: CorpSec, Threat Detection & Incident Response Engineers | Part 1 1 week, 3 days ago | www.youtube.com
amp career careers corporate +19
Are Cybersecurity Skills & Certifications Worth It? #cybersecurity 1 week, 5 days ago | www.youtube.com
academy affiliate career certifications +20
The Best Path To Cybersecurity #cybersecurity 1 week, 6 days ago | www.youtube.com
academy affiliate cloud cloudcomputing +18
Cybersecurity Salaries: How Much Can You Make? #cybersecurity #salaries 2 weeks, 1 day ago | www.youtube.com
academy affiliate can career +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs