Great thread here about security and event logging.

> If you want to stop an attacker from installing malware or placing a web shell on your Exchange server, you probably should start with ensuring service accounts and admins who have admin on those servers don't log in to easily phished desktop class systems. — Jessica Payne (@jepayneMSFT) May 9, 2019 [https://twitter.com/jepayneMSFT/status/1126529038913163264?ref_src=twsrc%5Etfw]

> If you want to see if a domain admin has logged in somewhere…
Great thread here about logging:

> Perhaps the single most important thing you can do to prepare for an incident is to increase Windows event logging. Turn on process auditing, PowerShell logging, and dramatically increase the size of the event logs. Disk space is cheap, use it. — Jake Williams (@MalwareJake) May 8, 2019 [https://twitter.com/MalwareJake/status/1126075545547100160?ref_src=twsrc%5Etfw]…
Really great thread here about Office365 security and Azure Sentinel recommendations:

> If you use O365, you need to learn about password spray. Want to see some campaigns against you? Try #AzureSentinel [https://twitter.com/hashtag/AzureSentinel?src=hash&ref_src=twsrc%5Etfw]--you can connect your O365 data for free. Here are some common patterns. — John Lambert (@JohnLaTwC) May 7, 2019 [https://twitter.com/JohnLaTwC/status/1125810589370961920?ref_src=twsrc%5Etfw]

Azure Sentinel Password…
Interesting, simple read here. Useful for looking up terminology. Anna Shipman : JFDI [https://www.annashipman.co.uk/jfdi/finance-for-non-accountants.html]…
ukncsc/lme: Logging Made Easy. Contribute to ukncsc/lme development by creating an account on GitHub. [https://github.com/ukncsc/lme/]…