Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild.

Microsoft's Sysmon and Azure Sentinel are easy and inexpensive ways to log events on your network. Here's how to get started with them.

Finding ransomware traces in Event Logs The investigation strategy proposed by JPCERT/CC covers four types of Windows Event Logs: Application, Security, System, and Setup logs.

According to security researchers at Kaspersky, a customer showed this new behavior. The method injects shellcode payloads into the event logs for Windows' Key Management Services (KMS).

An unprecedented discovery made by Kaspersky could have serious consequences for those using Windows operating systems. The cybersecurity company published an article on May 4 detailing that ...

The problem can crop up after a user installs the July 2025 Windows non-security preview update or the August 2025 Windows security update. According to Microsoft, "Event Viewer may display an ...