Sysmon v15.0, Autoruns v14.1, and Process Monitor v3.95
...This update to Sysmon, an advanced host security monitoring tool, sets the service to run as a protected process, hardening it against tampering, adds a new event, FileExecutableDetected, for when new executable images are saved to files, and fixes a system hang occurring in certain situations due to an interaction between network and file system events....
https://techcommunity.microsoft.com/blog/sysinternals-blog/sysmon-v15-0-autoruns-v14-1-and-process-monitor-v3-95/3857916
Sysmon v15.14 | Microsoft Community Hub
...Sysmon successfully accepts, validates and updates configuration files that are syntactically incorrect. One example was provided by Shane_King above, another one would be specifying a single event type multiple times:...
https://techcommunity.microsoft.com/blog/sysinternals-blog/sysmon-v15-14/4056285
Process Monitor 2.0 for Linux and Sysmon v15.15 | Microsoft Community Hub
...Process Monitor for Linux, a convenient and efficient way for developers to trace the syscall activity on the system, is now updated to support a broader range of Linux distributions....
https://techcommunity.microsoft.com/blog/sysinternals-blog/process-monitor-2-0-for-linux-and-sysmon-v15-15/4199063
Sysmon - The rules about rules | Microsoft Community Hub
...Those who have been using Sysmon for a while will be aware that for some time now there has been a disparity between how filter rules were intended to work and how they worked in practice. The purpose of this post is to hopefully clarify some of the common sources of confusion and to explain why things are the way they are. With that said, let's dive straight in. Multiple rules on the same ......
https://techcommunity.microsoft.com/blog/sysinternals-blog/sysmon---the-rules-about-rules/733649
Sysmon v12.0, Process Monitor v3.60, Procdump v10.0 and ARM64 ports
...Learn about the latest changes to Sysmon (v12.0), Process Monitor (v3.60), Procdump (v10.0) and several ARM64 ports...
https://techcommunity.microsoft.com/blog/sysinternals-blog/sysmon-v12-0-process-monitor-v3-60-procdump-v10-0-and-arm64-ports/1649402
Sysmon v15.12 | Microsoft Community Hub
...This update to Sysmon fixes a case of system hanging on uninstall, a crash occurring while parsing configuration files, and a memory leak....
https://techcommunity.microsoft.com/blog/sysinternals-blog/sysmon-v15-12/4025164
VBScript deprecation: Detection strategies for Windows - Windows IT Pro ...
...Examine enterprise-ready mechanisms to detect VBScript usage across all Windows platforms in preparation for deprecation....
https://techcommunity.microsoft.com/blog/windows-itpro-blog/vbscript-deprecation-detection-strategies-for-windows/4414325
AccessChk v6.15, RAMMap v1.61 and Sysmon v13.34 | Microsoft Community Hub
...This Sysmon update improves performance for UDP network event tracing (the NetworkConnect global option), solves a rare system hang (blue screen) when monitoring ProcessCreate events and a memory/handle leak on ImageLoad events with several exclude clauses....
https://techcommunity.microsoft.com/blog/sysinternals-blog/accesschk-v6-15-rammap-v1-61-and-sysmon-v13-34/3359656
Sysmon log collection via Azure monitor agent (AMA) | Microsoft ...
...Sysmon log collection via Azure monitor agent (AMA) Hi Team I have a quick question regarding Azure monitoring agent. I want to capture Sysmon logs from an Azure machine which has AMA extension installed and data collection rule set to all events....
https://techcommunity.microsoft.com/discussions/microsoftsentinel/sysmon-log-collection-via-azure-monitor-agent-ama/2634799
RDCMan v3.0 and Sysmon 1.3.6 for Linux | Microsoft Community Hub
...RDCMan v3.0 This update to RDCMan, a tool for managing and connecting to Remote Desktop sessions, implements Windows 11 Terminal Services client features,......
https://techcommunity.microsoft.com/blog/sysinternals-blog/rdcman-v3-0-and-sysmon-1-3-6-for-linux/4410914