Threat Hunting with Microsoft Defender XDR: Reconstructing a Ransomware Intrusion

Threat Hunting with Microsoft Defender XDR: Reconstructing a Ransomware Intrusion

April 19, 2026

Reconstructing a multi-stage ransomware attack using Microsoft Defender telemetry and KQL, covering reconnaissance, credential discovery, persistence, staging, and impact

April 19, 2026

Featured Posts

Threat Hunting with Microsoft Defender XDR (including Defender for Endpoint): Investigating Tor Browser Activity

Threat Hunting with Microsoft Defender XDR (including Defender for Endpoint): Investigating Tor Browser Activity

March 25, 2026

Building a Governance-Driven Vulnerability Management Program from Scratch

cybersecurity

Building a Governance-Driven Vulnerability Management Program from Scratch

March 03, 2026

MITRE ATT&CK vs The Cyber Kill Chain: Understanding Two Core Threat Models

cybersecurity

MITRE ATT&CK vs The Cyber Kill Chain: Understanding Two Core Threat Models

February 26, 2026

Recent Posts

Building an Incident Escalation Playbook – From Alerts to Action

cybersecurity

Building an Incident Escalation Playbook – From Alerts to Action

February 05, 2026

Useful Websites & Resources for Cybersecurity News

cybersecurity

Useful Websites & Resources for Cybersecurity News

January 22, 2026

SIEM Log Analysis: Detecting Cleartext Traffic and HTTP-Based Data Exfiltration

cybersecurity

SIEM Log Analysis: Detecting Cleartext Traffic and HTTP-Based Data Exfiltration

January 08, 2026

Building an ISO 27001 Risk Register: A Practical Exercise in Seeing Risk Clearly

cybersecurity

Building an ISO 27001 Risk Register: A Practical Exercise in Seeing Risk Clearly

December 15, 2025

四季 Shiki: Seasons, Stillness, and Balance

Photography

四季 Shiki: Seasons, Stillness, and Balance

November 03, 2025

Lessons from MIT: Cybersecurity for Managers – A Playbook

cybersecurity

Lessons from MIT: Cybersecurity for Managers – A Playbook

October 31, 2025