News from Mark Russinovich on Twitter

  • Question

  • Mark tweeted a lot these days. Here are some of the announcements he made:

    Coming soon to Sysmon: clipboard logging for malicious RDP session DFIR, 
    and shredded file recovery for capturing hacking tools

    How it works: It's both (a file move before shredding writes proceed). The shredding detection 
    heuristics are based on real-world attacker shredding behaviors.

    TrustedSec launched a Sysmon Community guide:

    Also coming soon: Process Explorer dark mode

    Coreinfo for ARM64 coming soon...

    And probably many, many other things still in the queue.


    • Edited by mariora_ Friday, February 7, 2020 9:53 AM typo
    Friday, February 7, 2020 9:01 AM