Skip to main content

Help Center Logpoint Docs Idea Portal Logpoint.com

- - Knowledge base
Groups
Events

Community
UEBA - User and Entity Behaviour Analytics
Use Cases

Use Cases

Stay up to date with the latest & greatest

3 Topics
9 Replies

When you subscribe we will email you when there is a new topic in this category

3 Topics

Henrik MartinssonNew Participant

asked in Use Cases

Unable to hunt down the user/process that failes to authenticate on DC

I monitor for failed authentications on DC’s.labels: Authentication | Fail | Kerberos | UserMy top failed authentications is on one client/one account that I can’t hunt down. I have looked at all process’es and their “credential’s” + installed sysmon on the client. But I can’t find the process or user. Any ideas how I could hunt this down?

A

Anonymous

posted in Use Cases

Hunting and remediating BlackCat ransomware

Known by many names, including ALPHV, AlphaV, ALPHVM, and Noberus, BlackCat ransomware made headlines for its successive attacks on high-profile targets. Like Black Basta and Lockbit, it also operates under the Ransomware-as-a-Service (RaaS) model and uses double and sometimes triple extortion techniques.BlackCat uses its public leak site to intimidate victims, where anyone can search and access the leaked victim information easily. The highest ransom they have demanded so far is $14 million and it’s speculated that it has similarities with ransomware families like Darkside, Blackmatter, and REvil in regard to the tools, filenames, and techniques they use. To read more about means of protecting your organisation against Black Cat, read our blog on the link below.https://www.logpoint.com/en/blog/hunting-and-remediating-blackcat-ransomware/#detecting-blackcat

A

Friedrich von JagwitzLogPoint Team

asked in Use Cases

UEBA Risk Score

LogPoint UEBA: User Risk Score How are the User Risk Scores being calculated (“weighted totals”, “fuzzy logic”, ...)?

Badge winners

Gustav Elkjær Rødsgaardhas earned the badge Valued Contributor
Gustav Elkjær Rødsgaardhas earned the badge Easy talker
Gustav Elkjær Rødsgaardhas earned the badge Conversation starter
Gustav Elkjær Rødsgaardhas earned the badge Innovator
markus.nebel@8com.dehas earned the badge Silver Contributor

Show all badges

Powered by Gainsight

Terms & Conditions Cookie settings

Sign up

Already have an account? Login

Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.

LOGIN AS PARTNER OR CUSTOMER Login with LinkedIn

Login to the community

Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.

LOGIN AS PARTNER OR CUSTOMER Login with LinkedIn

Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.

Enter your e-mail address

Back to overview

Scanning file for viruses.

Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.

OK

This file cannot be downloaded

Sorry, our virus scanner detected that this file isn't safe to download.

OK

Privacy policy EULA Terms of service

Copyright © 2021 LogPoint. All rights reserved.