Fixing custom sysmon-modular rules with invalid XML
I’m a big proponent of Sysinternals Sysmon for shops that aren’t running a commercial endpoint detection and response (EDR) tool, like VMware’s Carbon Black or Crowdstrike’s Falcon. Sysmon is the
Month: February 2023
When Notepad dials up a domain controller
Windows Notepad is a lonely tool. It barely does the job in a pinch, with only the most basic functions you’d expect in a text editor. Older versions drove non-Windows
Cyber security lessons from the NYSE opening auction glitch
January 24, 2023 started off as a normal Tuesday morning in the U.S. equity markets. Trading firms, retail investors, and other market participants entered their orders ahead of the opening