PinnedSina MohebiHow to Use MITRE ATT&CK in SOCUsing MITRE ATT&CK in a Security Operations Center (SOC) can greatly enhance threat detection and response capabilities. Here are the steps…Aug 16, 20231Aug 16, 20231
Sina MohebiEventCode 4672 — Understanding Special Logon Privileges in Windows SecurityIn the realm of Windows security, special logon privileges play a crucial role in managing user permissions and maintaining system…Aug 31Aug 31
Sina MohebiMITRE ATT&CK Top techniques & sub-techniques 2023MITRE ATT&CK provides a framework for classifying attacker tactics, techniques, and procedures (TTPs). Each year, security researchers…Apr 24Apr 24
Sina MohebiDefending Against Mail Spoofing: Technical Solutions for Enhanced Email Security & Disabling SMTP…Introduction: In today’s digital landscape, mail spoofing poses a significant threat to individuals and organizations. It allows malicious…Nov 9, 2023Nov 9, 2023
Sina MohebiDetecting Webshells with Sysmon: A Technical AnalysisIntroduction: Webshells are malicious scripts or programs that attackers deploy on web servers to gain unauthorized access and control…Nov 5, 2023Nov 5, 2023
Sina MohebiRDP Event logs tracking 4624 / 4625Event ID 4624 is generated in the Windows Security Log when a successful logon occurs on a local computer. This event is generated on the…Aug 2, 2023Aug 2, 2023