Simran Karki is an experienced SOC Analyst who has been working in defensive security for over 3 years. She has consistently demonstrated exceptional performance in her role, showing a keen eye for detail and a thorough understanding of security threats and how to prevent them. Her expertise includes monitoring and analyzing security events, managing incidents, and implementing effective security measures to protect against cyber attacks.
Simran Karki
Hunting Down Remcos RAT: How CrowdStrike Update Mishaps Can Reveal Hidden Threats
Table of Contents: Background; Threat Landscape; Threat Hunting; Importance of Hypothesis in Threat Hunting; Methodologies of Hypothesis-Based Hunting; Plan; Document; IOCs Gathering; TTPs Information; MITRE Mapping; Behavioral Analysis; Investigate; Mitigate; Conclusion

Background: Recently, the cybersecurity community faced a significant challenge worldwide due to a BSOD (Blue Screen of Death) error caused by a CrowdStrike update.
Threat Hunting with Windows Event Logs
Table of Contents: Introduction; Event Log Structure in Windows; About Tools; Logon Activity; Groups; Account Logon Enumeration; Remote Desktop Connection (RDP); Network Share; Scheduled Tasks; Services; PowerShell; WMI; Removable Devices; Log Clearing Detection; About SayCure; Hunting Approaches with SayCure

Failed Logins: a large number of failed logins from a single source within a short time window.