Another day of Cybersecurity
Roses Are Red, Violets are Blue, and If you think your RDP is secure, I’ve some ransomware.
There’s been a tremendous increase in cybercriminals attempting to perform attacks by exploiting remote login credentials over the last year. Many employees continue … Read the rest
An attacker is like a lover. He teases until he finds the right moment to act on your network. This behavior is the same for the PowerShell attack. The following post focuses on PowerShell obfuscation and how to monitor with … Read the rest
Are your Intune local users configured as local admin? Do you’ve got additional admin users on Intune devices? In most cases, Intune users could be the Local administrators, and it’s a feature without any disruption, and this is by default.… Read the rest
Sentinel. Sentry a defender always on the guard who aims to protect and withstand threats, anticipate any attack, assume that it will arrive, and adjust the behavior accordingly. Be present to protect the assets and the area.
This blog post … Read the rest
The following post will assist you with the Log4j incident response process based on the familiar tools, mitigate options, and the information from the vendors and community.
On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache … Read the rest
This short blog post will guide how to Hunting Log4j with Microsoft Sentinel.
On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache log4j 2 was identified as being exploited in the wild. PoC code was released, and … Read the rest
Do you like cookies? Everyone loves especially attackers and especially cloud-related cookies. If you have got multi-factor authentication (MFA) enabled on your account or are even passwordless in some situations, you can’t be compromised, correct? Think again. Well, not exactly. … Read the rest
