In this repository, I will cover various security approaches to attack techniques and share new discoveries about security breaches. Through the new discoveries and learnings shared in this repository, I hope to provide helpful insights for those involved in security operations, hunting, incident response, and more.
| Day | Title | Comment |
|---|---|---|
| Day1 | Day1-Basic-Malware-Analysis.md | |
| Day2 | Day2-APT29-Part1-Overview.md Day2-APT29-Part2-Midnight-Blizzard.md Day2-APT29-Part3-Midnight-Blizzard.md Day2-APT29-Part4-Midnight-Blizzard-MDE-EvaluationLab.md |
Russia-based activity group |
| Day3 | Day3-Microsoft-ThreatActorNamingTaxonomy.md | |
| Day4 | Day4-Mango-Sandstorm-Part1-Overview.md Day4-Mango-Sandstorm-Part2-AttackTechniques-Insights.md Day4-Mango-Sandstorm-Part3-AttackTechniques-Insights.md |
Iran-based activity group |
| Day5 | Day5-AntivirusConfig-Tips.md | |
| Day6 | Day6-M365D-XDR-AutomaticAttackDisruption.md | AiTM, BEC, Human-operated ransomware |
let SecurityResearcher-Note = datatable(id: int, value: string)
[
1, "Malware analysis",
2, "Incident Response",
3, "Threat Hunting",
4, "New Attack techniques",
5, "Critical vulnerabilities"
6, "Kusto Query Language",
];
SecurityResearcher-Note
| project id, valueThe views and opinions expressed herein are those of the author and do not necessarily reflect the views of company.