Utilize Sysmon’s Clipboard Monitoring Like a Boss
Back in September, Sysmon v12 graced us with the new ability to monitor clipboards. You can read about this new capability in Olaf’s blog. In this blog, I want to focus on how you can use this new capability to detect RDP activity by hands-on keyboard actor families like Human-operated ransomware from your SIEM. Sysmon […]