threat activity

About this tag
The threat activity tag on WindowsForum.com covers discussions about detecting and responding to post-compromise threat activity, including the use of tools like the CISA Hunt and Incident Response Program (CHIRP) for finding indicators of compromise. Topics include advanced persistent threat (APT) actors, compromises of SolarWinds Orion products, and activity within Microsoft 365/Azure environments. The tag focuses on cybersecurity alerts, forensics collection, and network defense strategies relevant to Windows and enterprise IT environments.
  1. News

    VIDEO AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool

    Original release date: March 18, 2021. Summary: This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following...