Pocket

There are some people who don't have the time to read the whole text – if you are familiar with the topic the text in bold includes the most important points and is just for you. Source: Powershell Security at Enterprise Customers @ May 30, 2017 at 11:37PM


Threat hunting is a popular topic these days, and there are a lot of people who want to get started but don’t know how. What should they hunt for? How should they perform the hunts? What data will they need to collect? Source: The ThreatHunting Project @ June 17, 2016…


Over the years we’ve seen practically exponential growth in the underground economy. Criminals are organizing their efforts online on a scale we haven’t seen before. Source: Zero Day Auction for the Masses @ June 02, 2016 at 07:29AM


MITRE is well-known for its work in leading communities in the standardization of threat and vulnerability information. Source: ATT&CK Use Cases @ May 21, 2016 at 10:27AM


One of the Default Rules in AppLocker allows everyone to execute everything in the folder C:\Windows. The reasoning behind this must have been that a non-admin Windows-user should not have write permissions anywhere in that folder. But as it turns out that is not the case. Source: AppLocker Bypass Checker…


JSUNPACK: A Generic JavaScript Unpacker. CAUTION: jsunpack was designed for security researchers and computer professionals. Use NoScript, a limited user account and a virtual machine and be safe(r)! Source: A Generic JavaScript Unpacker @ May 19, 2016 at 10:13AM


You can use Windows security and system logs to record and store collected security events so that you can track key system and network activities to monitor potentially harmful behaviors and to mitigate those risks. You customize system log events by configuring auditing. Source: Security Audit Policy Reference @ May…


Group Policy Object and Group Policy template files for EMET 5.5 policies are included in the SHB. EMET is one way of enabling anti-exploitation features in Windows. Enabling anti-exploitation features is one of IAD’s Top 10 mitigation strategies. EMET 5.5 added official support for Windows 10. Source: iadgov/Secure-Host-Baseline @ May…
