[!NOTE] All registered tasks are configured to bypass laptop AC constraints (they will execute successfully even when unplugged). However, because SpoolerWatchdog runs periodically every 5 minutes, it ...
description: The following analytic detects the enabling of the SMB1 protocol via `powershell.exe`. It leverages PowerShell script block logging (EventCode 4104) to identify the execution of the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results