The Sysinternals team has released a new version of Sysmon. This brings the version number to 13.
Our blog

In today’s edition, we’ll share a method of detecting beaconing C&C traffic from large data sets of proxy traffic.

In today’s edition, we’ll cover a technique and a new feature in Microsoft Defender for Endpoint: PE header information.

Welcome to the first FalconFriday post of 2021. In this post we provide background information on detecting malicious scheduled tasks using Microsoft Defender for Endpoint, and provide a query that can be used to automatically detect certain malicious scheduled tasks.