threat activity
About this tag
The threat activity tag on WindowsForum.com covers discussions about detecting and responding to post-compromise threat activity, including the use of tools like the CISA Hunt and Incident Response Program (CHIRP) for finding indicators of compromise. Topics include advanced persistent threat (APT) actors, compromises of SolarWinds Orion products, and activity within Microsoft 365/Azure environments. The tag focuses on cybersecurity alerts, forensics collection, and network defense strategies relevant to Windows and enterprise IT environments.
Original release date: March 18, 2021
Summary
This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following...