all InfoSec news
Lsass.exe spawning werfault.exe
March 22, 2022, 5:18 p.m. | /u/i_whiteheart
Computer Forensics www.reddit.com
Today i found the suspicious behaviour on two DC's inside the network where, lsass.exe spawned the process of werfault.exe . While doing investigation i was not able to get any artifact that indicates that servers might be compromised. I detected this thing on SIEM and EDR logs doesn't mentions the process lineage. Can you people help me?
More from www.reddit.com / Computer Forensics
Any Agent-based acquisition for IOS 17?
1 day, 14 hours ago |
www.reddit.com
Automate dynamic analysis for forensic investigation
2 days, 18 hours ago |
www.reddit.com
general purpose livecd for forensics
1 week, 1 day ago |
www.reddit.com
Lumma Stealer Malware Analysis
1 week, 1 day ago |
www.reddit.com
Transition from private sector back to LE
1 week, 1 day ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Computer and Forensics Investigator
@ ManTech | 221BQ - Cstmr Site,Springfield,VA
Senior Security Analyst
@ Oracle | United States
Associate Vulnerability Management Specialist
@ Diebold Nixdorf | Hyderabad, Telangana, India