https://socjournal.com/t1070-004-file-deletion-crowdstrike-detection/ 2026-05-31T14:43:01+00:00 https://socjournal.com/t1003-001-lsass-memory-credential-dumping-crowdstrike-detection/ 2026-05-31T14:43:00+00:00 https://socjournal.com/t1003-002-security-account-manager-dumping-crowdstrike-detection/ 2026-05-31T14:43:00+00:00 https://socjournal.com/t1548-002-bypass-user-account-control-microsoft-defender-detection/ 2026-05-31T14:42:59+00:00 https://socjournal.com/t1562-001-disable-or-modify-tools-microsoft-defender-detection/ 2026-05-31T14:42:59+00:00 https://socjournal.com/t1218-011-rundll32-proxy-execution-crowdstrike-detection/ 2026-05-31T14:42:58+00:00 https://socjournal.com/t1218-005-mshta-proxy-execution-crowdstrike-detection/ 2026-05-31T14:42:57+00:00 https://socjournal.com/t1218-010-regsvr32-proxy-execution-crowdstrike-detection/ 2026-05-31T14:42:57+00:00 https://socjournal.com/t1036-005-match-legitimate-name-or-location-crowdstrike-detection/ 2026-05-31T14:42:56+00:00 https://socjournal.com/t1218-001-compiled-html-file-microsoft-defender-detection/ 2026-05-31T14:42:56+00:00 https://socjournal.com/t1027-005-indicator-removal-from-tools-crowdstrike-detection/ 2026-05-31T14:42:55+00:00 https://socjournal.com/t1036-003-rename-system-utilities-sysmon-detection/ 2026-05-31T14:42:55+00:00 https://socjournal.com/t1027-002-software-packing-crowdstrike-detection/ 2026-05-31T14:42:54+00:00 https://socjournal.com/t1027-003-steganography-fortisandbox-detection/ 2026-05-31T14:42:54+00:00 https://socjournal.com/t1562-004-disable-or-modify-system-firewall-palo-alto-detection/ 2026-05-31T14:42:53+00:00 https://socjournal.com/t1027-001-binary-packing-fortisandbox-detection/ 2026-05-31T14:42:53+00:00 https://socjournal.com/t1562-002-disable-windows-event-logging-splunk-detection/ 2026-05-31T14:42:52+00:00 https://socjournal.com/t1558-003-kerberoasting-microsoft-defender-for-identity-detection/ 2026-05-31T14:42:52+00:00 https://socjournal.com/t1558-004-as-rep-roasting-azure-ad-on-prem-detection/ 2026-05-31T14:42:51+00:00 https://socjournal.com/t1021-001-remote-desktop-protocol-cisco-ise-detection/ 2026-05-31T14:42:51+00:00 https://socjournal.com/t1553-002-code-signing-evasion-crowdstrike-detection/ 2026-05-31T14:42:50+00:00 https://socjournal.com/t1654-log-enumeration-cloudtrail-detection/ 2026-05-31T14:42:50+00:00 https://socjournal.com/t1648-serverless-execution-aws-guardduty-detection/ 2026-05-31T14:42:49+00:00 https://socjournal.com/t1651-cloud-administration-command-azure-ad-detection/ 2026-05-31T14:42:49+00:00 https://socjournal.com/t1614-system-location-discovery-crowdstrike-detection/ 2026-05-31T14:42:48+00:00 https://socjournal.com/t1619-cloud-storage-object-discovery-aws-guardduty-detection/ 2026-05-31T14:42:48+00:00 https://socjournal.com/t1657-financial-theft-application-logs-detection/ 2026-05-31T14:42:47+00:00 https://socjournal.com/t1531-account-access-removal-azure-ad-detection-2/ 2026-05-31T14:42:47+00:00 https://socjournal.com/t1021-002-smb-windows-admin-shares-zeek-detection/ 2026-05-31T14:42:46+00:00 https://socjournal.com/t1486-data-encrypted-for-impact-crowdstrike-detection-2/ 2026-05-31T14:42:46+00:00 https://socjournal.com/t1550-002-pass-the-hash-microsoft-defender-for-identity-detection/ 2026-05-31T14:42:45+00:00 https://socjournal.com/t1550-003-pass-the-ticket-crowdstrike-detection/ 2026-05-31T14:42:45+00:00 https://socjournal.com/t1071-001-web-protocols-c2-beaconing-zscaler-detection/ 2026-05-31T14:42:44+00:00 https://socjournal.com/t1071-004-dns-c2-exfiltration-extrahop-detection/ 2026-05-31T14:42:44+00:00 https://socjournal.com/t1048-003-exfiltration-over-unencrypted-non-standard-protocol-palo-alto-detection/ 2026-05-31T14:42:43+00:00 https://socjournal.com/t1567-002-exfiltration-to-cloud-storage-zscaler-detection/ 2026-05-31T14:42:43+00:00 https://socjournal.com/t1046-network-service-discovery-extrahop-detection/ 2026-05-31T14:42:42+00:00 https://socjournal.com/t1135-network-share-discovery-splunk-detection/ 2026-05-31T14:42:42+00:00 https://socjournal.com/t1538-cloud-service-dashboard-discovery-azure-ad-detection/ 2026-05-31T14:42:41+00:00 https://socjournal.com/t1083-file-and-directory-discovery-varonis-detection/ 2026-05-31T14:42:41+00:00 https://socjournal.com/t1217-browser-bookmark-discovery-microsoft-defender-detection/ 2026-05-31T14:42:40+00:00 https://socjournal.com/t1580-cloud-infrastructure-discovery-aws-guardduty-detection/ 2026-05-31T14:42:40+00:00 https://socjournal.com/t1087-account-discovery-microsoft-defender-for-identity-detection/ 2026-05-31T14:42:39+00:00 https://socjournal.com/t1010-application-window-discovery-crowdstrike-detection/ 2026-05-31T14:42:39+00:00 https://socjournal.com/t1212-exploitation-for-credential-access-microsoft-defender-for-identity-detection/ 2026-05-31T14:42:38+00:00 https://socjournal.com/t1621-mfa-request-generation-okta-detection/ 2026-05-31T14:42:38+00:00 https://socjournal.com/t1018-remote-system-discovery-darktrace-detection/ 2026-05-31T14:42:37+00:00 https://socjournal.com/t1119-automated-collection-microsoft-purview-detection/ 2026-05-31T14:42:36+00:00 https://socjournal.com/t1082-system-information-discovery-crowdstrike-detection/ 2026-05-31T14:42:36+00:00 https://socjournal.com/t1039-data-from-network-shared-drive-varonis-detection/ 2026-05-31T14:42:35+00:00 https://socjournal.com/t1025-data-from-removable-media-microsoft-defender-detection/ 2026-05-31T14:42:35+00:00 https://socjournal.com/t1570-lateral-tool-transfer-extrahop-detection/ 2026-05-31T14:42:34+00:00 https://socjournal.com/t1563-remote-service-session-hijacking-microsoft-defender-detection/ 2026-05-31T14:42:34+00:00 https://socjournal.com/t1550-use-alternate-authentication-material-microsoft-defender-for-identity-detection/ 2026-05-31T14:42:33+00:00 https://socjournal.com/t1534-internal-spearphishing-proofpoint-detection/ 2026-05-31T14:42:32+00:00 https://socjournal.com/t1210-exploitation-of-remote-services-palo-alto-detection/ 2026-05-31T14:42:32+00:00 https://socjournal.com/t1021-remote-services-cisco-ise-detection/ 2026-05-31T14:42:31+00:00 https://socjournal.com/t1012-query-registry-sysmon-detection/ 2026-05-31T14:42:31+00:00 https://socjournal.com/t1556-modify-authentication-process-crowdstrike-detection/ 2026-05-31T14:42:30+00:00 https://socjournal.com/t1187-forced-authentication-microsoft-defender-for-identity-detection/ 2026-05-31T14:42:30+00:00 https://socjournal.com/t1027-obfuscated-files-fortisandbox-detection/ 2026-05-31T14:42:29+00:00 https://socjournal.com/t1070-indicator-removal-splunk-detection/ 2026-05-31T14:42:29+00:00 https://socjournal.com/t1562-impair-defenses-microsoft-defender-detection/ 2026-05-31T14:42:28+00:00 https://socjournal.com/t1205-traffic-signaling-darktrace-detection/ 2026-05-31T14:42:28+00:00 https://socjournal.com/t1015-accessibility-features-sysmon-detection/ 2026-05-31T14:42:27+00:00 https://socjournal.com/t1505-server-software-component-imperva-detection/ 2026-05-31T14:42:27+00:00 https://socjournal.com/t1542-pre-os-boot-hp-wolf-security-detection/ 2026-05-31T14:42:26+00:00 https://socjournal.com/t1053-005-scheduled-task-splunk-detection/ 2026-05-31T14:42:26+00:00 https://socjournal.com/t1202-indirect-command-execution-sysmon-detection/ 2026-05-31T14:42:25+00:00 https://socjournal.com/t1137-office-application-startup-microsoft-defender-detection/ 2026-05-31T14:42:25+00:00 https://socjournal.com/t1036-masquerading-crowdstrike-detection/ 2026-05-31T14:42:24+00:00 https://socjournal.com/t1564-hide-artifacts-sysmon-detection/ 2026-05-31T14:42:24+00:00 https://socjournal.com/t1552-unsecured-credentials-varonis-detection/ 2026-05-31T14:42:23+00:00 https://socjournal.com/t1606-forge-web-credentials-azure-ad-detection/ 2026-05-31T14:42:23+00:00 https://socjournal.com/t1557-adversary-in-the-middle-darktrace-detection/ 2026-05-31T14:42:22+00:00 https://socjournal.com/t1539-steal-web-session-cookie-zscaler-detection/ 2026-05-31T14:42:22+00:00 https://socjournal.com/t1003-os-credential-dumping-crowdstrike-detection/ 2026-05-31T14:42:21+00:00 https://socjournal.com/t1558-steal-or-forge-kerberos-tickets-microsoft-defender-for-identity-detection/ 2026-05-31T14:42:21+00:00 https://socjournal.com/t1110-brute-force-azure-ad-detection/ 2026-05-31T14:42:21+00:00 https://socjournal.com/t1218-system-binary-proxy-execution-crowdstrike-detection/ 2026-05-31T14:42:20+00:00 https://socjournal.com/t1497-virtualization-sandbox-evasion-fortisandbox-detection/ 2026-05-31T14:42:20+00:00 https://socjournal.com/t1568-dynamic-resolution-cisco-umbrella-detection-2/ 2026-05-31T14:42:19+00:00 https://socjournal.com/t1055-process-injection-crowdstrike-detection/ 2026-05-31T14:42:19+00:00 https://socjournal.com/t1499-endpoint-denial-of-service-microsoft-defender-detection/ 2026-05-31T14:42:18+00:00 https://socjournal.com/t1565-data-manipulation-varonis-detection/ 2026-05-31T14:42:18+00:00 https://socjournal.com/t1496-resource-hijacking-aws-guardduty-detection/ 2026-05-31T14:42:17+00:00 https://socjournal.com/t1498-network-denial-of-service-cloudflare-detection/ 2026-05-31T14:42:17+00:00 https://socjournal.com/t1490-inhibit-system-recovery-microsoft-defender-detection/ 2026-05-31T14:42:16+00:00 https://socjournal.com/t1489-service-stop-splunk-detection/ 2026-05-31T14:42:15+00:00 https://socjournal.com/t1491-defacement-tripwire-detection/ 2026-05-31T14:42:15+00:00 https://socjournal.com/t1486-data-encrypted-for-impact-crowdstrike-detection/ 2026-05-31T14:42:14+00:00 https://socjournal.com/t1531-account-access-removal-azure-ad-detection/ 2026-05-31T14:42:13+00:00 https://socjournal.com/t1529-system-shutdown-reboot-splunk-detection/ 2026-05-31T14:42:13+00:00 https://socjournal.com/t1485-data-destruction-sysmon-detection/ 2026-05-31T14:42:13+00:00 https://socjournal.com/t1055-012-process-hollowing-crowdstrike-detection/ 2026-05-31T14:42:12+00:00 https://socjournal.com/t1112-modify-registry-sysmon-detection/ 2026-05-31T14:42:12+00:00 https://socjournal.com/t1055-004-asynchronous-procedure-call-injection-crowdstrike-detection/ 2026-05-31T14:42:11+00:00 https://socjournal.com/t1055-003-thread-execution-hijacking-crowdstrike-detection/ 2026-05-31T14:42:11+00:00 https://socjournal.com/t1055-001-dynamic-link-library-injection-crowdstrike-detection/ 2026-05-31T14:42:10+00:00 https://socjournal.com/t1055-002-portable-executable-injection-crowdstrike-detection/ 2026-05-31T14:42:10+00:00 https://socjournal.com/t1497-001-system-checks-sandbox-evasion-fortisandbox-detection/ 2026-05-31T14:42:09+00:00 https://socjournal.com/t1222-file-and-directory-permissions-modification-sysmon-detection/ 2026-05-31T14:42:08+00:00 https://socjournal.com/t1561-disk-wipe-carbon-black-detection/ 2026-05-31T14:42:08+00:00 https://socjournal.com/t1537-transfer-data-to-cloud-account-aws-guardduty-detection/ 2026-05-31T14:42:07+00:00 https://socjournal.com/t1020-automated-exfiltration-varonis-detection/ 2026-05-31T14:42:07+00:00 https://socjournal.com/t1573-encrypted-channel-blue-coat-detection/ 2026-05-31T14:42:07+00:00 https://socjournal.com/t1071-application-layer-protocol-zscaler-detection/ 2026-05-31T14:42:06+00:00 https://socjournal.com/t1090-proxy-extrahop-detection/ 2026-05-31T14:42:06+00:00 https://socjournal.com/t1560-archive-collected-data-sysmon-detection/ 2026-05-31T14:42:05+00:00 https://socjournal.com/t1115-clipboard-data-microsoft-defender-detection/ 2026-05-31T14:42:04+00:00 https://socjournal.com/t1074-data-staged-sysmon-detection/ 2026-05-31T14:42:04+00:00 https://socjournal.com/t1123-audio-capture-microsoft-defender-detection/ 2026-05-31T14:42:03+00:00 https://socjournal.com/t1125-video-capture-crowdstrike-detection/ 2026-05-31T14:42:03+00:00 https://socjournal.com/t1113-screen-capture-crowdstrike-detection/ 2026-05-31T14:42:02+00:00 https://socjournal.com/t1105-ingress-tool-transfer-cisco-umbrella-detection/ 2026-05-31T14:42:01+00:00 https://socjournal.com/t1571-non-application-layer-protocol-darktrace-detection/ 2026-05-31T14:42:01+00:00 https://socjournal.com/t1132-data-encoding-zeek-detection/ 2026-05-31T14:42:00+00:00 https://socjournal.com/t1567-exfiltration-over-web-service-zscaler-detection/ 2026-05-31T14:41:59+00:00 https://socjournal.com/t1029-scheduled-transfer-darktrace-detection/ 2026-05-31T14:41:59+00:00 https://socjournal.com/t1048-exfiltration-over-alternative-protocol-zeek-detection/ 2026-05-31T14:41:58+00:00 https://socjournal.com/t1041-exfiltration-over-c2-channel-palo-alto-detection/ 2026-05-31T14:41:57+00:00 https://socjournal.com/t1011-exfiltration-over-bluetooth-crowdstrike-detection/ 2026-05-31T14:41:57+00:00 https://socjournal.com/t1568-dynamic-resolution-cisco-umbrella-detection/ 2026-05-31T14:41:56+00:00 https://socjournal.com/t1001-data-obfuscation-fortisandbox-detection/ 2026-05-31T14:41:55+00:00 https://socjournal.com/t1102-web-service-zscaler-detection/ 2026-05-31T14:41:55+00:00 https://socjournal.com/t1584-compromise-infrastructure-oracle-cloud-guard-detection-2/ 2026-05-31T14:41:54+00:00 https://socjournal.com/t1219-remote-access-software-microsoft-defender-detection/ 2026-05-31T14:41:54+00:00 https://socjournal.com/t1585-establish-accounts-brand-monitoring-detection-2/ 2026-05-31T14:41:53+00:00 https://socjournal.com/t1586-compromise-accounts-azure-ad-detection-2/ 2026-05-31T14:41:52+00:00 https://socjournal.com/t1587-develop-capabilities-threat-intelligence-detection-2/ 2026-05-31T14:41:52+00:00 https://socjournal.com/t1588-obtain-capabilities-anomali-tip-detection-2/ 2026-05-31T14:41:51+00:00 https://socjournal.com/t1608-stage-capabilities-zscaler-detection-2/ 2026-05-31T14:41:50+00:00 https://socjournal.com/t1189-drive-by-compromise-zscaler-detection-2/ 2026-05-31T14:41:50+00:00 https://socjournal.com/t1133-external-remote-services-okta-detection-2/ 2026-05-31T14:41:49+00:00 https://socjournal.com/t1200-hardware-additions-forescout-detection-2/ 2026-05-31T14:41:48+00:00 https://socjournal.com/t1566-phishing-proofpoint-detection-2/ 2026-05-31T14:41:48+00:00 https://socjournal.com/t1091-replication-via-removable-media-crowdstrike-detection-2/ 2026-05-31T14:41:47+00:00 https://socjournal.com/t1195-supply-chain-compromise-github-detection-2/ 2026-05-31T14:41:46+00:00 https://socjournal.com/t1583-acquire-infrastructure-passive-dns-detection-2/ 2026-05-31T14:41:45+00:00 https://socjournal.com/t1598-phishing-for-information-proofpoint-detection-2/ 2026-05-31T14:41:45+00:00 https://socjournal.com/t1594-search-victim-owned-websites-waf-detection-2/ 2026-05-31T14:41:44+00:00 https://socjournal.com/batch-1-reconnaissance-technique-incident-reports/ 2026-05-31T14:41:43+00:00 https://socjournal.com/soc-investigation-process/ 2026-05-31T14:41:43+00:00 https://socjournal.com/jira-incident-report/ 2026-05-31T14:41:42+00:00 https://socjournal.com/t1595-active-scanning-palo-alto-detection-2/ 2026-05-31T14:41:41+00:00 https://socjournal.com/t1592-gather-victim-host-info-senseon-detection-2/ 2026-05-31T14:41:41+00:00 https://socjournal.com/t1589-gather-victim-identity-info-recorded-future-detection-2/ 2026-05-31T14:41:40+00:00 https://socjournal.com/t1590-gather-victim-network-info-splunk-detection-2/ 2026-05-31T14:41:39+00:00 https://socjournal.com/t1591-gather-victim-org-info-osint-monitoring-detection-2/ 2026-05-31T14:41:39+00:00 https://socjournal.com/t1597-search-closed-sources-digital-shadows-detection-2/ 2026-05-31T14:41:38+00:00 https://socjournal.com/t1596-search-open-tech-databases-shodan-detection-2/ 2026-05-31T14:41:37+00:00 https://socjournal.com/t1593-search-open-web-sites-brand-monitoring-detection-2/ 2026-05-31T14:41:37+00:00 https://socjournal.com/1-t1595-active-scanning-palo-alto-detection/ 2026-05-31T14:41:36+00:00 https://socjournal.com/t1078-valid-accounts-microsoft-defender-for-identity-detection-2/ 2026-05-31T14:41:35+00:00 https://socjournal.com/t1199-trusted-relationship-beyondtrust-detection-2/ 2026-05-31T14:41:35+00:00 https://socjournal.com/t1037-boot-or-logon-initialization-scripts-microsoft-defender-for-identity-detection/ 2026-05-31T14:41:34+00:00 https://socjournal.com/t1176-browser-extensions-microsoft-defender-detection/ 2026-05-31T14:41:33+00:00 https://socjournal.com/t1554-compromise-client-software-binary-tripwire-detection/ 2026-05-31T14:41:33+00:00 https://socjournal.com/t1136-create-account-splunk-detection/ 2026-05-31T14:41:32+00:00 https://socjournal.com/t1543-create-or-modify-system-process-splunk-detection/ 2026-05-31T14:41:31+00:00 https://socjournal.com/t1546-event-triggered-execution-sysmon-detection/ 2026-05-31T14:41:30+00:00 https://socjournal.com/t1134-access-token-manipulation-crowdstrike-detection/ 2026-05-31T14:41:30+00:00 https://socjournal.com/t1548-abuse-elevation-control-mechanism-microsoft-defender-detection/ 2026-05-31T14:41:29+00:00 https://socjournal.com/t1068-exploitation-for-privilege-escalation-qualys-detection/ 2026-05-31T14:41:28+00:00 https://socjournal.com/t1574-hijack-execution-flow-sysmon-detection/ 2026-05-31T14:41:28+00:00 https://socjournal.com/h/ 2026-05-31T14:41:27+00:00 https://socjournal.com/t1197-bits-jobs-crowdstrike-detection/ 2026-05-31T14:41:26+00:00 https://socjournal.com/t1547-boot-logon-autostart-execution-sysmon-detection/ 2026-05-31T14:41:26+00:00 https://socjournal.com/t1098-account-manipulation-microsoft-defender-for-identity-detection/ 2026-05-31T14:41:25+00:00 https://socjournal.com/t1059-command-scripting-interpreter-crowdstrike-detection-2/ 2026-05-31T14:41:24+00:00 https://socjournal.com/t1609-container-administration-command-aqua-detection-2/ 2026-05-31T14:41:24+00:00 https://socjournal.com/t1610-deploy-container-prisma-cloud-detection-2/ 2026-05-31T14:41:23+00:00 https://socjournal.com/t1203-exploitation-for-client-execution-sentinelone-detection-2/ 2026-05-31T14:41:22+00:00 https://socjournal.com/t1559-inter-process-communication-microsoft-defender-detection-2/ 2026-05-31T14:41:22+00:00 https://socjournal.com/t1106-native-api-crowdstrike-detection/ 2026-05-31T14:41:21+00:00 https://socjournal.com/t1053-scheduled-task-splunk-detection/ 2026-05-31T14:41:20+00:00 https://socjournal.com/t1129-shared-modules-sysmon-detection/ 2026-05-31T14:41:20+00:00 https://socjournal.com/t1072-software-deployment-tools-sccm-logs-detection/ 2026-05-31T14:41:19+00:00 https://socjournal.com/t1569-system-services-splunk-detection/ 2026-05-31T14:41:18+00:00 https://socjournal.com/t1204-user-execution-microsoft-defender-detection/ 2026-05-31T14:41:18+00:00 https://socjournal.com/hardware-additions-attack-mitre-attck-t1200-detection-and-response/ 2026-05-31T14:41:17+00:00 https://socjournal.com/t1659-content-injection-imperva-waf-detection/ 2026-05-31T14:34:05+00:00 https://socjournal.com/t1559-inter-process-communication-microsoft-defender-detection/ 2026-05-31T12:58:00+00:00 https://socjournal.com/t1203-exploitation-for-client-execution-sentinelone-detection/ 2026-05-31T12:57:28+00:00 https://socjournal.com/t1610-deploy-container-prisma-cloud-detection/ 2026-05-31T12:56:42+00:00 https://socjournal.com/t1609-container-administration-command-aqua-detection/ 2026-05-31T12:55:06+00:00 https://socjournal.com/t1059-command-scripting-interpreter-crowdstrike-detection/ 2026-05-31T12:54:05+00:00 https://socjournal.com/t1078-valid-accounts-microsoft-defender-for-identity-detection/ 2026-05-31T12:52:39+00:00 https://socjournal.com/t1199-trusted-relationship-beyondtrust-detection/ 2026-05-31T12:51:54+00:00 https://socjournal.com/t1195-supply-chain-compromise-github-detection/ 2026-05-31T12:50:58+00:00 https://socjournal.com/t1091-replication-via-removable-media-crowdstrike-detection/ 2026-05-31T12:49:54+00:00 https://socjournal.com/t1566-phishing-proofpoint-detection/ 2026-05-31T12:48:14+00:00 https://socjournal.com/t1200-hardware-additions-forescout-detection/ 2026-05-31T12:42:02+00:00 https://socjournal.com/t1133-external-remote-services-okta-detection/ 2026-05-31T12:41:03+00:00 https://socjournal.com/t1190-exploit-public-facing-app-imperva-waf-detection/ 2026-05-31T12:40:18+00:00 https://socjournal.com/t1189-drive-by-compromise-zscaler-detection/ 2026-05-31T12:39:06+00:00 https://socjournal.com/t1608-stage-capabilities-zscaler-detection/ 2026-05-31T12:38:20+00:00 https://socjournal.com/t1588-obtain-capabilities-anomali-tip-detection/ 2026-05-31T12:36:36+00:00 https://socjournal.com/t1587-develop-capabilities-threat-intelligence-detection/ 2026-05-31T12:35:47+00:00 https://socjournal.com/t1586-compromise-accounts-azure-ad-detection/ 2026-05-31T12:34:50+00:00