Reverse, Reveal, Recover: Windows Defender Quarantine Forensics

Max Groot & Erik Schamper

During incident response engagements we often encounter antivirus applications that have rightfully triggered on malicious software that was deployed by threat actors. Most commonly we encounter this for Windows Defender, the antivirus solution that is shipped by default with Microsoft Windows. Windows Defender places malicious files in quarantine …

This article has been indexed from Fox-IT International blog
