Advanced Threat Hunting as a Proactive Security Approach

​

Not all malicious alerts are tagged as red by EDR or SIEM tools. A proactive approach needs to be in place to identify unknown zero-day or advanced persistent threats within the environment, tracking and monitoring them, and finding or fixing an attack vector from the legitimate software. We will also demonstrate two arbitrary code executions on Microsoft Teams and LOLbins (Living off the land binaries), as well as the recent discovery of a suspected threat actor.