Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild.

According to security researchers at Kaspersky, a customer showed this new behavior. The method injects shellcode payloads into the event logs for Windows' Key Management Services (KMS).

An unprecedented discovery made by Kaspersky could have serious consequences for those using Windows operating systems. The cybersecurity company published an article on May 4 detailing that ...

Finding ransomware traces in Event Logs The investigation strategy proposed by JPCERT/CC covers four types of Windows Event Logs: Application, Security, System, and Setup logs.

Detecting high-risk events in cloud and container environments is often described as finding a needle in a haystack. That no longer needs to be the case for your organization.

Microsoft's Sysmon and Azure Sentinel are easy and inexpensive ways to log events on your network. Here's how to get started with them.