Stories from the SOC: Compromised account detected

August 4, 2020 | Edwardo Rodriguez
Edwardo Rodriguez

Sr. Specialist - Technology Security, AT&T

Edwardo Rodriguez joined the Managed Threat Detection and Response (MTDR) team as a Tier I analyst in November 2019. Edwardo’s previous experience includes consulting as a detection analyst for the world’s largest futures exchange. He considers alarm fatigue the enemy and presents clients with investigations that cut to the bottom line. His favorite part of the job is two-way communication with clients that results in risk mitigation and in detecting the indicators that get missed with one-way dialogue.

August 4, 2020 | Edwardo Rodriguez

Stories from the SOC: Compromised account detected

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive Summary: The Managed Threat Detection and Response (MTDR) analyst team was notified of multiple logins from different countries. With the shift to a…

July 9, 2020 | Edwardo Rodriguez

Stories from the SOC - Credential Dumping

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive Summary: During the investigation of a Suspicious Security Critical Event alarm, we discovered credentials had been dumped from the NTDS.dit, which is…

May 6, 2020 | Edwardo Rodriguez

Recalling the ILOVEYOU worm from 20 years ago

Twenty years ago, the ILOVEYOU worm utilized the most basic human emotion, the desire to be loved. It replicated itself at unprecedented rates that spurred the imagination of hackers and the cynicism of the general public. The on-line world was never the same. As with all worms, the ILOVEYOU worm operated as a standalone program. It is a Visual…