In this Help Net Security video, Lee Archinal, Senior Threat Hunter at Intel 471, walks through practical strategies for detecting malicious activity involving Living Off The Land binaries (LOLBins). These are legitimate tools built into operating systems, such as PowerShell, that can be hijacked by attackers to evade detection. Archinal explains how to identify suspicious usage based on user roles, abnormal behavior, and log data, and dives into techniques such as encoded command detection, process … More
The post How to threat hunt Living Off The Land binaries appeared first on Help Net Security.
This article has been indexed from Help Net Security