Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Sysinternals: Procmon and Sysmon update SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Sysinternals: Procmon and Sysmon update

New versions of Procmon and Sysmon were released.

Sysmon supports a new rule: FileDeletedDetected. Use it to log deletions (without archiving the deleted file).

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

 DidierStevens

553 Posts
ISC Handler
Apr 25th 2021
Reply Subscribe Apr 25th 2021
2 weeks ago
Thank you Didier
 Anonymous
Reply Quote Apr 25th 2021
2 weeks ago

Sign Up for Free or Log In to start participating in the conversation!