Today’s diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network[1]. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first recipe could miss some malicious files in the following scenarios:
Article Link: https://isc.sans.edu/diary/rss/23477