Hunting for FIN6 Behavior with Sysmon


Now it’s time to talk about technical threat hunting again. This time, we’ll see how to use Microsoft’s Sysinternals tools to look for one of the most active threat actors at the moment: FIN6. The main activity of this group is stealing payment card data and sending it to underground forums, and as we now live in a more virtual world than ever, it’s also more important than ever to take care of our personal data.

Let’s talk a little about Threat Actors and FIN6

Before starting with techn…
