Hi, I’m Syed. Explore my articles as I embark on this journey of learning more about Forensics, Threat Hunting, and Cyber-threat Intelligence.

Now that the intelligence community is finally reaching its due maturity, advisories shared with fellow organizations often contain useful detection use-cases. If we were to travel back a few years, an average analyst would dread the manual conversion of these use-cases into searchable queries for the logging platform or SIEM…

Attackers have long been searching for ways to meddle with the day-to-day operations of an average computer user. It’s no wonder the Microsoft Office suite has been one of the key targets of adversaries to compromise endpoints. What better than to dispatch a seemingly-harmless office document to a rather naive…

It’s unfortunate that the Windows Command Prompt, the descendant of the prehistoric command.com from MS-DOS, has no persistent storage of command execution. It does, however, support temporary storage of commands executed in an active session. So, if an attacker proceeds to enumerate other hosts or ex-filtrate data using a console…

Before you get started with the deployment of QRadar in your infrastructure, you need to understand the several components it makes use of to function properly. IBM QRadar SIEM (Security Information and Event Management) features a modular architecture where you can scale its deployment to add on more devices, endpoints…

Syed Hasan

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store