X

You can join MEGA, the most secure cloud storage, with this referral link: https://mega.nz/aff=7Y94iYz_csg

  • Home
  • Patreon Login
  • All posts
  • Recent
  • Merch Store
  • Follow
  • Follow
  • Follow
  • Follow
  • Follow

Lockbit ransomware – How to recover your data

by Tristan Dostaler | Jul 17, 2022 | Cybersecurity, DFIR, Information Technology, InfoSec, Private Posts

I was recently working on a Lockbit ransomware incident and I was able to recover the data from encrypted VMDK and VHDX files.

SIEM 103 — Detect Windows bruteforce part 2

by Tristan Dostaler | Jun 3, 2022 | DFIR, Information Technology, InfoSec, Private Posts, SIEM, SIEM 100 series

This post is a follow up of the post “SIEM 102 — Detect Windows bruteforce” where I explained how to create a detection Use Case to detect a Windows bruteforce.
In this post I will explain how we can enhance the original detection logic by having a lower False Positive rate.

Why the SolarWinds hack matters

by Tristan Dostaler | Dec 14, 2020 | Cybersecurity, DFIR, Hack, Information Technology, InfoSec, TL;DR;

Maybe you saw the news on the SolarWinds hack. If you didn’t, you should follow me on Twitter: https://twitter.com/TristanDostaler
In this post I want to explain, in a way understandable by everyone, why this hack matters.

SIEM 202 — Detecting remote PsExec

by Tristan Dostaler | Nov 24, 2020 | Cybersecurity, DFIR, Information Technology, InfoSec, SIEM, SIEM 200 series

In this post I’ll explain how to detect an attacker that uses PsExec to connect to your computer when you don’t have visibility over the attacker’s computer.

MEGA referal

You can join MEGA, the most secure cloud storage, with this referral link: https://mega.nz/aff=7Y94iYz_csg

Recent Posts

  • Lockbit ransomware – How to recover your data
  • How to secure WordPress
  • SIEM 103 — Detect Windows bruteforce part 2

Subscribe!

Support

Buy me a coffee

Follow Me

  • Twitter
  • Facebook
  • RSS Feed
  • Discord

Media and Support

  • Twitter
  • Facebook
  • RSS Feed
  • Discord
Buy me a coffee

Referal and Benefits

You can join MEGA, the most secure cloud storage, with this referral link: https://mega.nz/aff=7Y94iYz_csg

Recent posts

  • Lockbit ransomware – How to recover your data
  • How to secure WordPress
  • SIEM 103 — Detect Windows bruteforce part 2
  • Why I switched from Logz.io to Humio
  • CIS controls – where to start in securing a medium/big enterprise

Subscribe!

  • Privacy Policy