> BOOM 🔥 I did it! 🤓 Now it's your turn to become a Microsoft Defender ATP Ninja!! Thanks everyone who helped pulling this together! ❤ https://t.co/bV0jX2xPQ0 #mdatp [https://twitter.com/hashtag/mdatp?src=hash&ref_src=twsrc%5Etfw] #training [https://twitter.com/hashtag/training?src=hash&ref_src=twsrc%5Etfw] #infosec [https://twitter.com/hashtag/infosec?src=hash&ref_src=twsrc%5Etfw] #cybersecurity [https://twitter.com/hashtag/cybersecurity?src=hash&ref_src=twsrc%5Etfw] #onlinetraining [https…
All posts in Security
> This is such an awesome writeup, but it's missing one thing - remediation steps Some AD admins may know how to fix these issues, but it's fair to assume some do not. I'd also highly recommend using PingCastle by @mysmartlogon [https://twitter.com/mysmartlogon?ref_src=twsrc%5Etfw] as it audits most of this and more. Thread time! https://t.co/99LVR6tcp0 — Nathan McNulty (@NathanMcNulty) July 12, 2020 [https://twitter.com/NathanMcNulty/status/1282369991308763136?ref_src=twsrc%5Etfw]…
> The powershell code below is something everyone with an Azure AD Tenant should be running in their environment to spot check Granted OATH permissions. Attackers are utilizing malicious OATH grants for persistence. Want to learn more? See >> https://t.co/6EcoyguimQ https://t.co/zW42DYpjAS — Root (@rootsecdev) July 13, 2020 [https://twitter.com/rootsecdev/status/1282640558025060354?ref_src=twsrc%5Etfw]…
> (Thread)Hey all Lets talk about consent phishing with Office365 products https://t.co/WfPg0VexQj — Root (@rootsecdev) July 11, 2020 [https://twitter.com/rootsecdev/status/1281930341050191873?ref_src=twsrc%5Etfw]…
> It's been two years since we removed SeDebugPrivilege from ALL of our users who have a 'need' for local administrator rights. (Via GPO) No complaints; extra work acknowledged by the adversary simulation team. Details: https://t.co/ULijgaEWgR#BlueTeam [https://twitter.com/hashtag/BlueTeam?src=hash&ref_src=twsrc%5Etfw] #redteaming [https://twitter.com/hashtag/redteaming?src=hash&ref_src=twsrc%5Etfw] #Windows [https://twitter.com/hashtag/Windows?src=hash&ref_src=twsrc%5Etfw] — duff (@duff2…