Zerologon: CVE-2020-1472

> Speaking about CVE-2020-1472 - Just a periodic reminder to check the ACL permissions that have been set on your DC machine accounts in AD. If a non-DA has GenericAll (Full control), for example, it can reset the DC machine account password and later on pull a DCSync attack.


Script for Azure MFA authentication method analysis

> Another reminder that you should run this amazing script to do some @azuread MFA analysis for you with recommendations. Please respond with the best finding you have in gif form and I'll interpret it. https://t.co/aLW0PA8fiO — Mark Morowczynski (@markmorow) September 3, 2020 [https://twitter.com/markmorow/status/1301575392491261952?ref_src=twsrc%5Etfw]
>
> Script for Azure MFA authentication method analysis - Code Samples
> Analyses Azure AD users to…


@12Knocksinna: O365 Here's how to use #PowerShell to grab activity alert info and create posts about new alerts in a #MicrosoftTeams channel

> .@Office365 Activity Alerts show up in the Security and Compliance Center and are based on events flowing into the #Office365 audit log. Here's how to use #PowerShell to grab alert info and create posts about new alerts in a #MicrosoftTeams…


@ashwinpatil: Monitor when a user is added to Azure Active Directory

> Want to monitor🧐 when a user is added to Azure Active Directory Privileged Groups💪 🚨GitHub PR : https://t.co/FjdfQTSfk8 Bookmark : 📌List of AAD Audit Activities : https://t.co/mJ6UpzRIIR 📌Directory Admin Role Permissions: https://t.co/CJosM6dXnM #KQL #AzureSentinel pic.twitter.com/FNNDRRHVaZ [https://t.co/FNNDRRHVaZ] — Ashwin Patil (@ashwinpatil) July…
