In this article, Digital Guardian's cybersecurity chief, Bandos, explains how to spot intrusions and password dumping programs, locate dropper software, and block secret backdoors in your company's network. In an interview with techrepublic, he also shared the threat hunting process and best practices for rooting out and responding to intrusions.
Here are the list of threat hunting process and best practices:
- Low and slow connections
- Suspicious sites
- Failed logon attempts
- Explicit credentials
- Privilege changes
- Low-hanging fruit
- Signs of password dumping programs
- Common backdoors
- Dropper programs
Read more...