Introduction: Today we are going to cover a few techniques that have been used by APT41. During this blog post, we will use the Advanced Hunting feature in Microsoft Defender ATP to hunt for the described techniques. APT41 is a group that carries out Chinese state-sponsored espionage activity in addition to financially motivated activity. This… Continue reading “Hunting for techniques used by APT41”
Introduction: I’ve been digging into KQL for quite some time, and I often get asked whether I could help someone out with building a KQL query. This has motivated me to release a first edition of KQL Internals, which has received a lot of positive feedback from the community. KQL Internals is a… Continue reading “Become a KQL Ninja”