Maarten Goet 🥷🏻 (@maarten_goet) 's Twitter Profile
Maarten Goet 🥷🏻

@maarten_goet

Microsoft MVP since '07 & Microsoft RD since '15, CTO & Director Cybersecurity at @Wortell, Founder of @experts_live, #DutchSecurityMeetup and #AzureAPE.

ID: 47910081

17-06-2009 09:38:12

31.31K Tweets

6.6K Followers

100 Following

Thomas Naunheim (@thomas_live) 's Twitter Profile Photo

Do you like to learn more about Microsoft applications in your #MicrosoftEntra tenant? Eric Woodruff | MVP | CIDPRO has published amazing research on elevating privileges through these SPs. I've written a #KQL query to get a summary of all first party apps. (1/4) github.com/Cloud-Architek…

Microsoft Security (@msftsecurity) 's Twitter Profile Photo

Professional. Brazen. Sophisticated. AI enabled. Learn how threat group Storm-1152 operated its illicit business in broad daylight on public websites: msft.it/6011llZaW #SecurityInsider #ThreatIntelligence

Kijo Ninja (@kj_ninja25) 's Twitter Profile Photo

Wow that is great - to fully visualize suspicious activities across XDR and SIEM !! Correlation mechanics in the unified security operations platform, #XDR + #SIEM 🚀🚀🚀 🎯 Blog : techcommunity.microsoft.com/t5/microsoft-d…

Kijo Ninja (@kj_ninja25) 's Twitter Profile Photo

"New Blog" Hello all defenders 🎯🎯🎯 I wrote a blog about living off the land #LotL techniques with MDE #EDR detection. ✅ Blog : github.com/LearningKijo/S… As this is part 1, I will cover other LotL techniques in future blogs🔥 #MicrosoftDefenderforEndpoint #EndpointSecurity

Women In Cybersecurity Community Association (@wicca_nl) 's Twitter Profile Photo

🚀 Get ready for WICCON 2024! 🚀 An amazing event dedicated to women in cybersecurity. Join us on Oct 31 & Nov 1 at Lichtfabriek, Haarlem, NL. wiccon.nl #WICCON2024 #TechConference #WomenInCyber

💻 Sherrod DeGrippo 🛸 (@sherrod_im) 's Twitter Profile Photo

If you've ever worked cracked Cobalt Strike for intel or detection, you'll want to listen to this podcast episode. I go behind the scenes to learn the fascinating story of this takedown. Trust me, it's a hot one. 🔥 thecyberwire.com/podcasts/micro…

Paul (DEFENDER) (@threatzman) 's Twitter Profile Photo

The Defender team delivers new security content at a massive scale and high velocity, every single day. Read more about the critically important safe deployment practices we leverage at techcommunity.microsoft.com/t5/microsoft-d…

Stephan Berger (@malmoeb) 's Twitter Profile Photo

In a recent incident response case, the attacker ran the following command, trying to dump lsass with the well-known comsvcs.dll technique: %COMSPEC% /Q /c cmd.eXE /Q /c for /f "tokens=1,2 delims= " ^%A in ('"tasklist /fi "Imagename eq lsass.exe" | find "lsass""') do

Jon Oltsik (@joltsik) 's Twitter Profile Photo

Deception technology is effective but can be complex. Thinkst Applied Research may be able to help: mybroadband.co.za/news/security/… #cybersecurity #infosec #XDR #EDR #SIEM #SOAPA

Nıŋʝąƈąɬ 🐈 (@ravivtamir) 's Twitter Profile Photo

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations microsoft.com/en-us/security…

Nıŋʝąƈąɬ 🐈 (@ravivtamir) 's Twitter Profile Photo

SOC teams handle on average 4,484 alerts per day! The unified Sentinel and Defender unified platform can reduce that load by up to 80% using our real time correlations, grouping together related alerts into ‘security incidents’. Read this blog to learn how techcommunity.microsoft.com/t5/microsoft-d…

Elli Shlomo (IR) (@ellishlomo) 's Twitter Profile Photo

MDI for Entra Connect is now available ⭐️New Detections 🔺Suspicious Interactive Logon to the Entra Connect Server. 🔺User Password Reset by Entra Connect Account. 🔺Suspicious writeback by Entra Connect on a sensitive user. 🔺New activity of any failed password reset on a

Joe Stocker (@itguysocal) 's Twitter Profile Photo

Your EDR has the ability to isolate devices. Cool. Cool. Can it isolate users? Microsoft automatic attack disruption contains users automatically by blocking incoming traffic from the compromised user account (network logons, RPC, SMB, RDP), terminate ongoing remote sessions and

Mehmet Ergene (@cyb3rmonk) 's Twitter Profile Photo

🚀 The most comprehensive #KQL content for threat hunting, detection engineering, any other security data analysis needs. I can guarantee you will learn things that you have never seen before.😉 academy.bluraven.io/advanced-hands… #threathunting #detectionengineering #Kusto

Sami Laiho (@samilaiho) 's Twitter Profile Photo

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel | Ars Technica arstechnica.com/security/2024/…

James (@jamesagombar) 's Twitter Profile Photo

Wrote a new blog on how to set up Microsoft Defender for External Attack Surface Management. Hope it’s of use to someone out there. security-ninja.com/post/configuri…