Similar User
@strandjs
@Binary_Defense
@_nullbind
@M_haggis
@HackerHurricane
@djhohnstein
@MarkBaggett
@lkarlslund
@_devonkerr_
@obscuresec
@sneakerhax
@PhilipTsukerman
@Threatzman
@1nPr0c
@Antonlovesdnb
Organisation admins can turn it off with gpo: Configuration\Policies\Administrative Templates\Microsoft Office 2016\Privacy\Trust Center. learn.microsoft.com/en-us/microsof… People should read this: learn.microsoft.com/en-us/microsof…
Good writeup
Extracting Plaintext Credentials from Palo Alto Global Protect - Shells.Systems shells.systems/extracting-pla…
Coming in early 2025: Quick Machine Recovery. This feature will enable IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC. This remote recovery will help with future #CrowdCry…
My new blog outlining the largest security changed to Windows in a decade blogs.windows.com/windowsexperie…
Chinese hackers exploit Fortinet VPN zero-day to steal credentials - @billtoulas bleepingcomputer.com/news/security/…">bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…">bleepingcomputer.com/news/security/…
Not sure I agree 100%, but interesting and paper linked in comments
Did I stutter these last 3 years? Stop. Sending. Fake. Phishing. Emails. Thank you.
Did I stutter these last 3 years? Stop. Sending. Fake. Phishing. Emails. Thank you.
Have you read about all the Active Directory Certificate Services (AD CS) 🔐attack paths but never tried them out? @bradyjmcl has updated the ludus_adcs role to enable ESC1,2,3,4,5,6,7,8,9,11,13 and 15 attack paths in your lab! Easy 3 step guide here: docs.ludus.cloud/docs/environme…
How did I miss this last month!?? CISA has released version 2.0 of Logging Made Easy. (If you'll recall, CISA took over developing it from UK's NCSC.) And if you don't know what Logging Made Easy is... well, it's in the name. 🙂 Intended for orgs with one-person IT staffs and up.
A year ago, @CISAgov launched Logging Made Easy (LME) to help small/medium orgs, gov’ts, and critical infrastructure detect cyber threats. Introducing LME 2.0—featuring advanced threat detection. #LoggingMadeEasy github.com/cisagov/LME
Microsoft Exchange adds warning to emails abusing spoofing flaw - @serghei bleepingcomputer.com/news/security/…">bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…">bleepingcomputer.com/news/security/…
🚨#Exchange #Server #Security Updates November 2024 released for Exchange 2016 / 2019 bit.ly/3ABssni
Fix this @DocuSign
DocuSign's Envelopes API abused to send realistic fake invoices - @billtoulas bleepingcomputer.com/news/security/…">bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…">bleepingcomputer.com/news/security/…
Just published a new video 👇 Are you leaving your Microsoft Graph tokens unprotected?
Microsoft: Windows Server 2025 now generally available alongside System Center 2025 | Neowin neowin.net/news/microsoft…
msft has flipped a switch and now every user in *your* org can get a trial license for m365 copilot "without an admin's help", by default this includes building their own custom agents (!) turn this off at admin -> self-service purchase -> Do not allow
It's all here... CIS Windows 11 Enterprise Benchmark v3.0.0
THURSDAY TRAINING REPOST! Shift gears to a proactive defense by embracing offensive tactics. Beat attackers to the finish line before they even start their engines w/ @hackandbackpack & @TimMedin Offense for Defense kernelcon.org/training#offen… April 1 - 2, 2025
Sophos detailed to me its 5-year cat-and-mouse game with Chinese hackers repeatedly exploiting its firewalls. The company resorted to installing spy "implants" on devices the hackers were testing on—tracing them to a university and contractor in Chengdu. wired.com/story/sophos-c…
We have all heard about attackers leveraging firewall policies or WFP to block EDRs from communicating with their servers. Today I am releasing a @HuntressLabs blog talking about how to mitigate that tampering technique within EDR products: huntress.com/blog/silencing…
United States Trends
- 1. Chargers 56,5 B posts
- 2. Ravens 68 B posts
- 3. Quentin Johnston 5.892 posts
- 4. Dayton 4.022 posts
- 5. Kerr 7.497 posts
- 6. Drake 354 B posts
- 7. #WWERaw 67,5 B posts
- 8. Lamar 183 B posts
- 9. Canada 421 B posts
- 10. Seth Trimble N/A
- 11. Herbert 19,8 B posts
- 12. Cadeau 9.576 posts
- 13. Kofi 16,3 B posts
- 14. #BALvsLAC 9.334 posts
- 15. Jalen Washington N/A
- 16. Derrick Henry 9.366 posts
- 17. Nets 15,6 B posts
- 18. Ladd 4.862 posts
- 19. Kings 54,9 B posts
- 20. Podz 2.523 posts
Who to follow
-
strandjs - [email protected]
@strandjs -
Binary Defense
@Binary_Defense -
Scott Sutherland
@_nullbind -
The Haag™
@M_haggis -
Hacker Hurricane
@HackerHurricane -
Dwight Hohnstein
@djhohnstein -
Mark Baggett
@MarkBaggett -
Lars Karlslund - also on @[email protected]
@lkarlslund -
Devon Kerr
@_devonkerr_ -
obscuresec.bsky.social
@obscuresec -
sneakerhax
@sneakerhax -
Philip Tsukerman
@PhilipTsukerman -
Paul (DEFENDER)
@Threatzman -
Jamie Shaw 🎅🎄
@1nPr0c -
Anton
@Antonlovesdnb
Something went wrong.
Something went wrong.