FalconFriday — Malicious Scheduled Tasks — 0xFF0B

Welcome to the first FalconFriday post of 2021. In this post we provide background information on detecting malicious scheduled tasks using Microsoft Defender for Endpoint, along with a query that can be used to automatically detect certain malicious scheduled tasks.

This is a cross-post from medium.com; please read the full article here:

https://medium.com/falconforce/falconfriday-malicious-scheduled-tasks-0xff0b-debc64633f81

Direct link to our GitHub page:

https://github.com/FalconForceTeam/FalconFriday