Dusty Miller – WindowsTechs.com

Security Advisory Regarding HiveNightmare

Posted on July 21, 2021 by Dusty Miller

HiveNightmare Summary On July 19th, Twitter user @jonasLyk released a vulnerability they thought was just on the insider edition Windows 11, but ended up being a part of current Windows 10 releases. This vulnerability allows easy privilege escalation i… Continue reading Security Advisory Regarding HiveNightmare→

Splunking with Sysmon Part 4: Detecting Trickbot

Posted on November 12, 2020 by Dusty Miller

Trickbot and Ryuk With the recent outbreak of Ryuk in hospitals, detecting the precursors to the ransomware has become a more visible priority. Ryuk has a history of being deployed after an enterprise has been compromised by Trickbot. The problems with… Continue reading Splunking with Sysmon Part 4: Detecting Trickbot→

Splunking with Sysmon Part 3: Detecting PsExec in your Environment

Posted on November 5, 2020 by Dusty Miller

PsExec is another powerful tool created by Windows Sysinternal. It was created to allow Administrators to remotely connect to and manage Windows systems. Because of the power of PsExec, many different malware actors have used it in various forms of mal… Continue reading Splunking with Sysmon Part 3: Detecting PsExec in your Environment→