Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
[!NOTE] All registered tasks are configured to bypass laptop AC constraints (they will execute successfully even when unplugged). However, because SpoolerWatchdog runs periodically every 5 minutes, it ...
description: The following analytic identifies modifications to registry keys commonly used for persistence mechanisms. It leverages data from endpoint detection sources like Sysmon or Carbon Black, ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results