Just Another Blue Teamer

For your Threat Hunting Tip of the Day:

I have covered this one many times, but I will continue to beat this horse as long as it exists. Adversaries WILL abuse the Run Registry Key for persistence: old malware will, new malware will, and even future malware will. Why? Because of the function: Execute on logon.

So, if you are hunting for this, first make sure you have visibility into that registry key; emulate the traffic if you need to. Then make sure your tools have the visibility; that means you can hunt for it. Then you can take this Intel 471 Free Community Hunt Package and drop it in your tool to begin the hunt! Enjoy and Happy Hunting!

Autorun or ASEP Registry Key Modification
hunter.cyborgsecurity.io/resea
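
One way to run the hunt described in the post, added here as an example (it is not the Intel 471 hunt package or the author's code): it filters Sysmon Event ID 13 (registry value set) records for Run/RunOnce writes and ranks them for review. The dictionary layout, the sample events and the triage heuristics are assumptions.

```python
import re

# Run/RunOnce under HKLM or a per-user hive (HKU\<SID>), incl. the WOW6432Node view.
RUN_KEY = re.compile(
    r"^(HKLM|HKU\\[^\\]+)\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\(Run|RunOnce)\\(?P<value>[^\\]+)$", re.IGNORECASE)
# Triage heuristics (assumed, not exhaustive): user-writable paths and script hosts.
USER_WRITABLE = re.compile(r"\\(AppData|Temp|Users\\Public|ProgramData)\\", re.IGNORECASE)
SCRIPT_HOST = re.compile(r"\b(powershell|wscript|cscript|mshta|rundll32|regsvr32|cmd)\b", re.I)

def hunt_run_key_sets(events):
    """Return one finding per Sysmon Event ID 13 record that sets a Run/RunOnce value."""
    findings = []
    for ev in events:
        match = RUN_KEY.match(ev.get("TargetObject", ""))
        if ev.get("EventID") != 13 or not match:
            continue
        command, writer = ev.get("Details", ""), ev.get("Image", "")
        reasons = []
        if USER_WRITABLE.search(command):
            reasons.append("command in user-writable path")
        if SCRIPT_HOST.search(command):
            reasons.append("command uses script host")
        if USER_WRITABLE.search(writer):
            reasons.append("writer in user-writable path")
        findings.append({"host": ev.get("Computer", ""), "value": match.group("value"),
                         "command": command, "writer": writer, "reasons": reasons,
                         "priority": "high" if reasons else "review"})
    return findings

# Constructed sample records (hosts, SIDs, paths and value names are made up).
SAMPLE_EVENTS = [
    {"EventID": 13, "Computer": "WS01", "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ExampleUpdater",
     "Details": r'"C:\Program Files\ExampleApp\updater.exe" /background'},
    {"EventID": 13, "Computer": "WS02", "Image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Upd",
     "Details": r"C:\Users\alice\AppData\Roaming\upd.exe"},
    {"EventID": 13, "Computer": "WS02", "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\ExampleSvc\Start",
     "Details": "DWORD (0x00000002)"},
    {"EventID": 13, "Computer": "WS03", "Image": r"C:\Windows\System32\reg.exe",
     "TargetObject": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\Task",
     "Details": r"powershell.exe -File C:\ProgramData\task.ps1"},
]

if __name__ == "__main__":
    for f in hunt_run_key_sets(SAMPLE_EVENTS):
        print(f["priority"], f["host"], f["value"], f["reasons"])
```

Every Run/RunOnce write is returned, so a baseline of known-good value names can be subtracted from the "review" tier rather than silently dropped.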
