In diary entry “Sysmon and Alternate Data Streams”, we reported that Sysmon records the content of small Alternate Data Streams (containing text) in the event log.
Article Link: https://isc.sans.edu/diary/rss/26366
In diary entry “Sysmon and Alternate Data Streams”, we reported that Sysmon records the content of small Alternate Data Streams (containing text) in the event log.
Article Link: https://isc.sans.edu/diary/rss/26366