#sysmon

Hasamba

@hasamba72.bsky.social

16 hours ago

Sysmon Config Builder is a cross-platform PySide6 GUI for creating, editing, importing and exporting Sysmon XML configurations. Supports Sysmon Event IDs 1–30, field-aware rules and presets for common binaries. #sysmon #tool https://bit.ly/4lwBgxV

Manish_SOC_Analyst

@manish-rawat.bsky.social

2 days ago

#cybersecurity #informationsecurity #substack #threathunting #sysmon #detectionengineering | Manish Rawat I didn’t expect this. Recently, my research on DLL hijacking detection was referenced in CTO at NCSC – Cyber Defence Analysis. The section titled: “37 Sysmon Events. One Complete DLL Hijacking Attac...

Recently something interesting happened.

My research on DLL hijacking detection was referenced in work from the National Cyber Security Centre (Cyber Defence Analysis).
www.linkedin.com/posts/manish...

#sysmon #cybersecurity #threathunting #detectionengineering #medium #substack #infosec #events

Citadel Cybersec

@citadelcysec.bsky.social

2 days ago

Investigating Malicious Activity with Sysmon and Splunk — TryHackMe New Hire Old Artifacts Writeup A practical SOC-style investigation walkthrough using Windows telemetry to identify attacker activity and defense evasion techniques.

🕵️ Investigating malicious activity with Sysmon & Splunk

I just published a hands-on walkthrough of the TryHackMe New Hire Old Artifacts challenge where I:
• Hunt suspicious binaries
• Trace attacker activity
• Detect system modifications

#CyberSecurity #SOCAnalyst #Splunk #Sysmon #ThreatHunting

CyberMaterial

@cybermaterial.bsky.social

2 weeks ago

Windows 11 Update Boosts BitLocker and Sysmon
Read More: buff.ly/xjGhhSL

#Windows11 #KB5077241 #BitLocker #Sysmon #MicrosoftUpdate #EndpointSecurity #PatchManagement #EnterpriseIT

The New Oil

@thenewoil.org

2 weeks ago

Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool Microsoft has released the KB5077241 optional cumulative update for Windows 11, which comes with 29 changes, including improvements to BitLocker, a new network speed test tool, and native System Monitor (Sysmon) functionality.

#Windows11 KB5077241 update improves #BitLocker, adds #Sysmon tool

www.bleepingcomputer.com/news/microsoft/windows-1...

#cybersecurity #Windows #Microsoft

Ahmandonk

@ahmandonk.bsky.social

2 weeks ago

📰 Windows 11 KB5077241 Dirilis: Tingkatkan BitLocker, Tambah Fitur Sysmon dan Tes Kecepatan Jaringan

👉 Baca artikel lengkap di sini: ahmandonk.com/2026/02/25/windows-11-kb...

#bitlocker #microsoft #patch #sysmon #updateWindows #windows11

CyberTaters

@potato.software

3 weeks ago

I didn’t expect this.

Recently, my research on DLL hijacking detection was referenced in CTO at NCSC – Potato Defence Analysis.

www.linkedin.com/posts/manish...

#Potatosecurity #Informationsecurity #Infosec #substack #sysmon

WinDiscover

@windiscover.com

1 month ago

这下真的是开箱即用了！Windows 11最新Canary 28020终于原生集成Sysmon，以前得去微软官网手动下载配置的专业级系统监控神器，现在去'设置>系统>可选功能'里勾选就能一键启用，还能自定义监控规则超方便。威胁检测事件自动写入Windows事件日志，安全分析不用装第三方软件超省心。默认禁用需手动开启，另外OneDrive右键点'复制链接'后可直接选其他应用转发，比以前顺手！
#Windows11 #Sysmon #Canary
👇
windiscover.com/posts/windows-11-build-2...

Pablo Álvarez Corredera

@cibered.com

1 month ago

Microsoft integra Sysmon nativo en Windows 11 | Windows | CIBERED Microsoft Windows 11 ahora integra Sysmon de forma nativa, permitiendo registrar eventos críticos, detectar amenazas y mejorar la seguridad de endpoints de manera más simple.

🛡️ Microsoft integra Sysmon nativo en Windows 11
cibered.com/software/sis...

#Windows11 #Sysmon #Ciberseguridad #Cibered

Gltch

@gltch.io

1 month ago

Microsoft Adds Sysmon To Windows - Slashdot Microsoft has finally delivered on its promise to integrate Sysmon -- the long-standing system monitoring tool from its Sysinternals suite -- directly into Windows, a move that should make life considerably easier for enterprise administrators who have struggled with deploying and managing the utili...

✨Windows gains eyes! Sysmon, the powerful system watcher, is *now within*! 🕵️‍♀️ Easier security & deeper insights unlocked. 🔓 #Sysmon

Source: tech.slashdot.org/story/26/02/05/0023249/m...

2rZiKKbOU3nTafniR2qMMSE0gwZ

@2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy

1 month ago

Microsoft Starts Testing Built-In Sysmon Monitoring in Windows 11 Microsoft is rolling out native Sysmon support in Windows 11 Insider builds, giving security teams built-in system monitoring with ...

#Microsoft #News #Security #Software #Windows #cybersecurity #sysmon #system #monitoring […]

2rZiKKbOU3nTafniR2qMMSE0gwZ

@2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy

1 month ago

Microsoft Starts Testing Built-In Sysmon Monitoring in Windows 11 Microsoft is rolling out native Sysmon support in Windows 11 Insider builds, giving security teams built-in system monitoring with ...

#Microsoft #News #Security #Software #Windows #cybersecurity #sysmon #system #monitoring […]

IT-Connect

@it-connect.bsky.social

1 month ago

🚀 Microsoft ajoute Sysmon à Windows 11 (Insider) : voici comment l'activer !

L'article IT-Connect à ce sujet 👇
- www.it-connect.fr/microsoft-aj...

#Windows11 #sysmon #veilleIT #infosec

phusion

@phusion.bsky.social

1 month ago

Microsoft does something useful, adds Sysmon to Windows : After years of bolting AI onto everything, Redmond remembers admins exist

#Microsoft does something useful, adds #Sysmon to #Windows | www.theregister.com/2026/02/04/m...

Pure Tech

@puretech.news

1 month ago

Microsoft Adds Sysmon To Windows - Slashdot Microsoft has finally delivered on its promise to integrate Sysmon -- the long-standing system monitoring tool from its Sysinternals suite -- directly into Windows, a move that should make life considerably easier for enterprise administrators who have struggled with deploying and managing the utili...

Microsoft Adds Sysmon To Windows #Technology #Cybersecurity #MicrosoftSecurity #Sysmon #WindowsUpdates

tech.slashdot.org/story/26/02/05/0023249/m...

CyberTaters

@potato.software

1 month ago

Microsoft Adds Sysmon To Windows #Technology #Potatosecurity #MicrosoftSecurity #Sysmon #WindowsUpdates

tech.slashdot.org/story/26/02/05/0023249/m...

Ahmandonk

@ahmandonk.bsky.social

1 month ago

📰 Microsoft Mulai Integrasikan Sysmon Secara Native di Windows 11

👉 Baca artikel lengkap di sini: ahmandonk.com/2026/02/05/sysmon-native...

#keamanan #windows #microsoft #monitoring #sistem #sysmon #windows #11

Brink

@shawnbrink.bsky.social

1 month ago

Install or Uninstall Built-in Sysmon in Windows 11 This tutorial will show you how to install or uninstall the built-in Sysmon for all users in Windows 11. System Monitor (Sysmon) is a Windows system service and device driver that, once installed on ...

How to Install or Uninstall Built-in #Sysmon in #Windows11
www.elevenforum.com/t/install-or...

Manish_SOC_Analyst

@manish-rawat.bsky.social

1 month ago

How I Built a Sigma Detection Rule to Catch APT29’s Encoded PowerShell Attacks A deep dive into threat hunting methodology, detection engineering, and building effective defenses against nation-state adversaries

I just published How I Built a Sigma Detection Rule to Catch APT29’s Encoded PowerShell Attacks systemweakness.com/how-i-built-...

#Apt29 #Cybersecurity #ThreatHunting #Threat #Hunting #SIGMA #Sysmon #Medium #Blog #Bluesky #CISO #CTO

Manish_SOC_Analyst

@manish-rawat.bsky.social

1 month ago

GitHub - Manishrawat21/Analysis: I analyzed some famous attack tecniques here I analyzed some famous attack tecniques here. Contribute to Manishrawat21/Analysis development by creating an account on GitHub.

Published my DLL hijacking research on GitHub.

GitHub: DLL Hijacking Detection - Theory, Evidence, and Telemetry

37 real Sysmon events. Complete analysis. Open to feedback.

github.com/Manishrawat2...

#ThreatHunting #SecurityResearch #Github #Analysis #Cybersecurity #Windows #Sysmon #Splunk #hack

Manish_SOC_Analyst

@manish-rawat.bsky.social

1 month ago

37 Sysmon Events. One Complete DLL Hijacking Attack. Here’s What Happened. I analyzed real malware logs and discovered why non-admin users can execute code without triggering a single alert.

I just published 37 Sysmon Events. One Complete DLL Hijacking Attack. Here’s What Happened. medium.com/p/37-sysmon-...

#Splunk #Trending #Cybersecurity #Writer #Hijacking #Medium #Blog #Threat_hunting #Analysis #Sysmon #Windows #CISO #Hunter #Threat #Published #Events

Hasamba

@hasamba72.bsky.social

2 months ago

TrustedSec published a community Sysmon guide: detailed coverage of process/file/network events, Sysmon driver internals, and sysinternalsEBPF Linux support — useful for detection engineering and config baselines. #sysmon #detection #tool https://bit.ly/4jvci0C

Citadel Cybersec

@citadelcysec.bsky.social

2 months ago

Sysmon Investigation Walkthrough, Using Event Viewer and PowerShell TryHackMe Sysmon Task 10: Practical Investigations Explained (With PowerShell)

In my new article I walk through TryHackMe’s Sysmon Room, Task 10 – Practical Investigations, showing how to analyze real attack scenarios using Sysmon logs, Event Viewer, and PowerShell

👉 Read it here: medium.com/@citadelcybe...

#TryHackMe #Sysmon #IncidentResponse #BlueTeam #IncidentResponse

Ichinin :verified: :verified_paw: ✅🎯🙄

@ichinin.infosec.exchange.ap.brid.gy

2 months ago

Oh holy hell. This just shows that Microsoft need to clean up its act and get rid of such functionality to FIRMLY stand on the side of defenders. What the fuck were they thinking when they added support for custom registry hives? #registry #evasuion […]

TrustedSec

@trustedsec.com

2 months ago

Sysmon Community Guide Update: Lessons Learned from Real Incidents YouTube video by TrustedSec

We got you a gift 🎁 #Sysmon will now be a native capability in Windows 11, so we updated our Sysmon Community Guide! Carlos Perez walks us through the latest update, sharing lessons learned from real-world IR engagements. youtu.be/RblkqjvGCgk
Download our guide 👉 trustedsec.com/resources/to...

Richard Hogan

@richardihogan.bsky.social

3 months ago

EP25 | Cloud Security, Vibe Coding & WorkIQ: What’s Real and What’s Hype? Podcast Episode · Cloudy with a Chance of Insights · 12/01/2025 · 49m

ICYMI, EP25 of Cloudy with a Chance of Insights is packed with the latest on #Microsoft #SecurityCopilot, #Defender, native #Sysmon in #Windows 11, and our views on #WorkIQ and #vibecoding.

Listen now on Apple Podcast: podcasts.apple.com/us/podcast/e...

Hasamba

@hasamba72.bsky.social

3 months ago

Sysmon config tailored to LOLRMM focuses on process creation, registry persistence, and outbound connection telemetry to detect C2 activity and anomalous process behavior. #Sysmon #LOLRMM #Detection https://bit.ly/44UJQz7

Richard Hogan

@richardihogan.bsky.social

3 months ago

Episode 25 highlight: Sysmon goes native in Windows 11! Better telemetry & simpler event normalisation for security teams.

Explore what this means for your org: open.spotify.com/episode/5dNR...

#Sysmon #CloudSecurity

Red Hot Cyber

@redhotcyber.bsky.social

3 months ago

Sysmon verrà finalmente integrato in Windows 11 e Windows Server 2025 nel 2026

📌 Link all'articolo : www.redhotcyber.com/post/sys...

#redhotcyber #news #microsoft #windows11 #windowsserver #sysmon #cybersecurity #sicurezzainformatica