Sysinternals: Procmon and Sysmon update - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Johannes Ullrich

Threat Level: green

Sysinternals: Procmon and Sysmon update
New versions of Procmon and Sysmon were released. Sysmon supports a new rule: FileDeletedDetected. Use it to log deletions (without archiving the deleted file). Didier Stevens Senior handler Microsoft MVP blog.DidierStevens.com DidierStevensLabs.com	DidierStevens 677 Posts ISC Handler Apr 25th 2021
Thread locked Subscribe	Apr 25th 2021 1 year ago
Thank you Didier	Anonymous
Quote	Apr 25th 2021 1 year ago