Dive into this week's trio of new Sherlocks, each spotlighting the latest vulnerabilities. Let’s explore those defensive scenarios together!
Brutus
Enhance your log analysis skills by exploring Unix auth.log and wtmp logs to investigate a Confluence server breach via SSH brute-forcing. Beyond brute-force analysis, you'll uncover insights into privilege escalation, persistence, and command execution.
BTF
Delve into MFT (Master File Table) forensics, mastering tools and techniques to analyze MFT artifacts for malicious activity. Utilizing MFTECmd, Timeline Explorer, and a hex editor, you'll parse MFT files, analyze results, and recover file contents.
Unit42
Learn to navigate Sysmon logs and leverage key EventIDs to detect and analyze malicious activities on Windows systems. Inspired by Palo Alto's Unit42 research on an UltraVNC campaign, you'll explore the initial access stage of the attack and gain valuable insights into threat detection and analysis.