Security

https://maester.dev Source: YouTube https://search.app/EMJcV

Threat Intelligence That Powers Best SOCs Worldwide Is Now Free https://share.google/iArgVvDWjq0mViHeN

Re; LastPass was breached and now some bad guys are cracking the passwords inside Whatever password manager I use today, I’m going to create a few fake accounts with high…

Run these Tools: snaffler find plain text auth sources, read the documentationPingCastle AD security fixesLockSmith Certificate issues/misconfigsScriptCentury turn script files into Canaries (Thinkst)ADeliginator find overly permissive delegations prune SPNsLAPs on…

https://slaw.securosis.com/

ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps https://www.helpnetsecurity.com/2024/11/18/scubagear-open-source-tool-assess-microsoft-365-security/

The environment:Windows 10+, VMware 8u2, SentinelOne, Fortigate Fw 7.0.15, Unsecured VPN tunnels to biz partners The Good:+Cove backup w Cloud really good. Attackers will wipe local backup repo. Caveat; when…

BasicFirewall, Spam Filter, Backup (AV if not Windows) MidPatch Mgt, Web Filter, Monitoring, Password managers, MFA on email + Cloud, Users are not local Admin BronzeEDR, VPN, Scheduled Vulnerability Scanning,…

80%+ breaches originate from emailNeed to make a safer email client or Outlook Plugin geo filtered logindont’ send out-of-office to external addresses, options for in contact list, msg historyspf policy;…