Micah Babinski – Medium

Micah Babinski

Dive into Sigma Correlation Rules

And go hunting for Cicada3301 ransomware behaviors in the process

Sep 9

Photo of a diving board next to a natural body of water.

Sep 9

Hunting G-G-G-GhostTasks!

Detecting a Spooktacular Persistence Procedure

Oct 30, 2023

Latte art with a ghost in the foam

Oct 30, 2023

It’s Always DarkGate Before the Dawn

Detecting DarkGate, an Emerging Malware Threat

Oct 16, 2023

Photo of a sunrise over Mount Hood.

Oct 16, 2023

Search-ms, WebDAV, and Chill

Detecting a [Re-]emerging Initial Access Method

Aug 1, 2023

Person relaxing on the couch with a computer.

Aug 1, 2023

Button-Pusher to MasterBuilder: Automating SIEM Workflows

Build Confidence and Skill in SIEM Automation

May 26, 2023

Image of a home-made toy robot

May 26, 2023

Brace for Impacket!

Detecting a Red Team (and Threat Actor) Favorite

Apr 17, 2023

Brace for Impacket!

Apr 17, 2023

Detecting OneNote (.One) Malware Delivery

I opened a dozen malicious OneNote files and clicked on every link so you don’t have to

Jan 31, 2023

Detecting OneNote (.One) Malware Delivery

Jan 31, 2023

HTML Smuggling Detection

Introduction

Dec 28, 2022

HTML Smuggling Detection

Dec 28, 2022

Finding the Gap: How Curiosity and Creativity Drives Threat Detection

Let the Real World be your Lab with Mitre ATT&CK, Atomic Red Team, and Sigma

Dec 13, 2022

Finding the Gap: How Curiosity and Creativity Drives Threat Detection

Dec 13, 2022

Catching a Wev(tutil): Threat Detection for the Rest of Us

My detection engineering process in a nutshell

Nov 23, 2022

Catching a Wev(tutil): Threat Detection for the Rest of Us

Nov 23, 2022

Micah Babinski

Micah Babinski

Cybersecurity pro, featuring bagpiping and GIS chops. Lives with wife Quinn and son Malcolm. Loves mountains, Indian food, and mountains of Indian food.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams