Tagged: Microsoft Defender XDR
Think of your enterprise as a fortified city, and each domain controller as a gatehouse. Microsoft Defender for Identity is like a watchtower built inside the gate, quietly observing everyone who passes through. It doesn’t rely on patrols or wall … Read the rest
CVE-2025-21204 is a local privilege escalation flaw in the Windows Update Stack. By abusing directory junctions or symbolic links, attackers can hijack trusted paths accessed by SYSTEM-level processes like `MoUsoCoreWorker.exe` and execute arbitrary code with elevated privileges. A patch is … Read the rest
While CrowdSrtike had a massive outage, CISOs and many security managers asked me about delaying updates in Microsoft Defender. This article discusses these possibilities. Still, you should decide what is best for your organization and technological environment.
One update
…
Read the rest
No One Is Immune. AnyDesk was breached, and the problem isn’t the breach itself. It’s the issue with using a remote desktop solution with malicious potential in a sensitive environment. Many investigations I did in the past involved Anydesk as … Read the rest
In the ever-evolving realm of cybersecurity, where threats often lurk unseen, the role of defenders is increasingly becoming proactive. It’s a shift from merely guarding to actively hunting – seeking out the elusive adversaries before they strike.
Enter MDI, which … Read the rest
In the tangled world of cybersecurity, where threats often wear the cloak of invisibility, defenders must become hunters, actively seeking out their elusive adversaries. Within this digital battleground, Microsoft Defender for Identity emerges as a formidable ally, empowering cybersecurity teams … Read the rest