Tagged: Microsoft Sentinel
Managing comprehensive security products and controls can be complicated, requiring a specific skill set and control over the security process. Beyond managing that complexity, there is the task of tracking where the simulation activities, alerts, and results are reflected during the evaluation and … Read the rest
How do you investigate an Active Directory environment? Are you also analyzing the metadata, or just investigating the event log on each DC? If you investigate only the event logs, in some cases it's not good enough, and you should … Read the rest
Roses are red, violets are blue, and if you think your RDP is secure, I've some ransomware.
There’s been a tremendous increase in cybercriminals attempting to perform attacks by exploiting remote login credentials over the last year. Many employees continue … Read the rest
An attacker is like a lover. He teases until he finds the right moment to act on your network. This behavior is the same for the PowerShell attack. The following post focuses on PowerShell obfuscation and how to monitor with … Read the rest
Recently, there have been massive cyberattacks against cloud providers and on-premises environments, the most recent of which is the attack and exploitation of vulnerabilities against Exchange servers – The HAFNIUM. This post focuses on Microsoft Sentinel and Sysmon 4 … Read the rest
Are your Intune local users configured as local admins? Do you have additional admin users on Intune devices? In most cases, Intune users can be local administrators; it's a feature that causes no disruption, and it is the default. … Read the rest
Sentinel. Sentry: a defender always on guard who aims to protect and withstand threats, anticipate any attack, assume that it will arrive, and adjust behavior accordingly. Be present to protect the assets and the area.
This blog post … Read the rest