spencer
@techspence
🛠️ Former Sysadmin, now Pentester | Microsoft MVP | Helping IT teams make their environment harder to attack | @SecurIT360 @cyberthreatpov
ps - I created an AD Security resource kit for IT admins. If you want to know where to start & what issues to look for, then this is for you. You can get access to it by signing up for my free email newsletter. If you're already a subscriber, DM me for the link! 👇 Access it…
Something I see sysadmins regularly underestimate is how overlooked shares can be dangerous. For example:
- logon scripts many times reference files/exes on shares
- software installs live on shares
- tasks reference scripts on shares
All of which, a single misconfigured…
Day 1 in a client environment, here’s what I’m checking first…
- Insecure services & tasks
- Modifiable 3rd party software
- Unattend files
- App control/powershell restrictions
- LAPS
- Writable system paths
These are some of the quickest wins for local privilege escalation and sometimes…
I've got a beefy gaming laptop that does a pretty decent job at cracking. It's nice because I can also use it as a hot plate to keep my coffee warm
The more I see tiered security implementations in environments, the more I am convinced that true and strict tiered security is a myth and is completely unattainable by most. And I am actually considering even saying that it's always necessary to go to that extent. I've got…
I very intentionally restrict the most privileged groups in our forest from logging into our machines with these policies because none of them should ever be touching a box with those kind of permissions.
A built-in Windows/AD feature that provides immense ROI for internal security… + Logon restriction GPOs
- Deny logon locally
- Deny logon through Remote Desktop Services
- Deny access to this computer from the network
Seriously not enough orgs using these
Heads-up on CVE-2025-55182: a CVSS 10.0 pre-auth RCE affecting React Server Components 19.x. Can be triggered through malicious HTTP payloads, so there will be chaos when a POC comes out. On that note...there are many fake POCs circulating. Be careful what you run. A POC is not…
Should I try this on my next pentest? 😅
I don't know if it still works like it did accidentally about 10 years ago when someone joined a Windows box to a domain and the box was named "LOCALHOST," but that was a pretty effective way to mess with a lot of machines all at once. Suddenly localhost isn't 127.0.0.1...
Zzzzz now off to bed 🥱
We have added detection for the exploit POC released for CVE-2025-55182 into our React Server honeypot 🍯 Our stream alerting logic has been updated and no action is needed from the users. 👉console.defusedcyber.com/signup
What makes my life more difficult as an “authorized insider threat?” Proper tiered security, network segmentation, application control, regular audits of file shares for credential files, to name a few…
Take this with a grain of salt because YMMV but I’ve seen NDR products detect ransomware when EDR did not. The hard sell for these products right now imo is: cost & tuning. They are very expensive and they take a long time to get them working well. That being said, I do think…
Share your experiences, your journey, your perspectives. You never know how you might impact someone’s life in a positive way because of it. 🙏
If you’re waiting until you’re an “expert” to share, plz stop. @techspence shares some wisdom, then we dig into his PowerShell projects and practical security tools you can use to get a handle on your environment. 🎧 powershellpodcast.podbean.com/e/free-securit… #security #sysadmin #powershell
Cybersecurity has no finish lines…
- Tools don’t solve everything
- Pentests don’t find every flaw
- Hardening doesn’t close every gap
- Patching never ends
- Compliance is only the starting point
There is no done. It’s part of what drives me every day, knowing there is much…
No doubt pentest pricing is all over the place and of course it varies depending on the engagement. From premium to super cheap. But the price of a pentest, in my opinion, should not be solely dependent upon static numbers like IPs. Just because there's only a handful of IPs…
🚨𝗕𝗶𝗴 𝗱𝗮𝘆 𝗳𝗼𝗿 𝗗𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻𝗦𝘁𝗿𝗲𝗮𝗺. 𝗢𝗻𝗲 𝗼𝗳 𝗼𝘂𝗿 𝗹𝗮𝗿𝗴𝗲𝘀𝘁 𝗿𝗲𝗹𝗲𝗮𝘀𝗲𝘀 𝘆𝗲𝘁. The platform now supports official pySigma validation fully in-browser, compiled to WebAssembly. Same validation as sigma-cli. Thanks to @sifex from…
Active Directory misconfigs would happen A LOT less if there was a dialogue box you had to accept before making any change, especially permissions. “Bro, you sure you want to give Domain Users FullControl over the root of the domain?”
Detecting misconfiguration in AD is at least equally if not more important than detecting threats. But the money that’s spent doesn’t match up with that.