Bleeping Computer

New Chainsaw tool helps IR teams analyze Windows event logs

Incident responders and blue teams have a new tool called Chainsaw that speeds up searching through Windows event log records to identify threats. The tool is designed to assist in the first-response ...
Bleeping Computer

Hackers are now hiding malware in Windows Event Logs

Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method ...
CSOonline

How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft's Sysmon and Azure Sentinel are easy and inexpensive ways to log events on your network. Here's how to get started with them. Logging is the key to knowing how the attackers came in and how ...