🔐 Windows Security and SDDL: What You Need to Know 🔐

Windows permissions misconfigurations are a goldmine for attackers. SDDL (Security Descriptor Definition Language) remains overlooked yet highly exploitable. 🚨

@nasbench.bsky.social and I break it down -->

🧵 (1/)

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time | Splunk Explore SDDL in Windows security with our comprehensive guide to help enhance your defensive strategy against privilege escalation attacks.

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time www.splunk.com/en_us/blog/s....

Thrilled to share my first blog at @splunk! @mhaggis.bsky.social and I take a deep dive into the weird & exciting world of SDDL and ACEs - what they are, how they work, and how attackers can abuse them.

Incident Response: Behind the Scenes by InfoSec Deep Dive Explore the field of incident response with our hosts as they discuss what it means to be an incident responder. From preparation to recovery, they cover the phases of handling security incidents and the approach needed to remain effective under pressure. Using real-world examples like ransomware attacks, they talk about the challenges, tools, and teamwork involved in reducing impact and learning from each event. This episode provides insight into the essential role of incident responders. Whether you want to know about the tools they use, the choices they make, or their daily tasks, this episode has you covered. Join us to understand why cybersecurity matters for everyone.

🎙️ New podcast episode is live! I used my experience as an Incident Responder and provided it to NotebookLM to turn into a podcast. Wondering what it feels like to be in IR? This episode shares most responsibilities, true to life for 99% of IR folks.

Hope you enjoy: creators.spotify.com...

This is just sad to think about 😔

AI allows you to do more work with the same salary. Allowing companies to make more money, and, it uses your data to train so that it'll replace you later.

When is the utopia we read about in sci-fi books. Looks like we skipped to the doom and gloom and AI overlords chapter too quickly 😭

I guess we're still here @kostas-sec.bsky.social 😂
Bsky is chill

Compared to release v2023-08-24, in v2024-11-10 there are 469 more public #detectionrules in the #SigmaRules repository.

www.dogesec.com/blog/analysi...

#threatintelligence #threatintel

💡Interested in #memoryforensics ? Follow

✅ @volexity.com
✅ @volatilityfoundation.org
✅ @attrc.bsky.social
✅ @rmettig.bsky.social
✅ @nolaforensix.bsky.social

➡️ more to come!

I’m looking for a new remote work opportunity starting in April. If you think I’d be a good fit for your team, let me know!

Blue Sky Jimmy Cliff GIF ALT: Blue Sky Jimmy Cliff GIF

Everybody joining and preaching BS aka Blue sky 😆
Enjoy your weekend everyone.

Unwrapping the emerging Interlock ransomware attack Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware.

Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware. Read the blog here: cs.co/6019SsMIh
#dfir #threatintel #cybersecurity

Windows.edb and WER dumps, just to name a few

Appreciate you brother 🙏

LOLDrivers are cool 😎