Investigate suspicious Windows processes using Sysinternals Sysmon

This article on Microsoft’s TechNet Blog is really interesting: Moti Bani explains how to investigate suspicious activity on servers using the Sysmon tool.
