Microsoft Sentinel – Kusto queries for Killnet and geo lookup

Yesterday, many Norwegian websites were targeted in a DDoS attack by an activist group called Killnet as you can read more about here –> Norway hit with cyberattack, temporarily suspending service (yahoo.com) Killnet does primarily DDoS attacks using either flooding with POST or GET operations on layer 7 or TCP SYN flood attacks on layer 4. …

Microsoft Sentinel – Kusto queries for Killnet and geo lookup Read More »