General – Page 2

Attackers and RDP MRUs

2018-10-07 (2022-05-15) Mat

Now I finally got the time to continue with mapping the data out of my Tanium RDP MRU Sensor. But first a couple of things. Two people responded to my last Blog entry and pointed me at the HKEY_Users hive (HKU) to get my data easier. And they are partly […]

Another DFIR Blog? Really?

2018-10-04 (2019-02-02) Mat

WHY ? I’ve not been maintaining a blog for quite some time know. So why do I feel that ti now makes sense to start over again. Well, first and foremost whenever I develop new fancy threat detection mechanisms and strategies or run incident response engagements in my day job, or […]