Tor2Mine cryptominer has evolved: Just patching and cleaning the system won’t help

Sophos released new findings on the Tor2Mine cryptominer that show how the miner evades detection, spreads automatically through a target network and is increasingly harder to remove from an infected system. Tor2Mine is a Monero-miner that has been ac…

ScarCruft surveilling North Korean defectors and human rights activists

The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group.

How to Manage Access Reviews within Microsoft 365

In this article, I’m going to show you how to audit security in Microsoft 365 with Access Reviews in Azure Active Directory (AAD). I’ll show you how to set up and run Access Reviews from the Azure management portal and using the Microsoft Graph and PowerShell. Azure Active Directory enables core collaboration with users […]

The Ultimate Guide to Installing OpenSSH on Windows

As a seasoned, or even new IT Pro, you’re likely an avid user of PuTTY, using secure shell (SSH) to connect to Unix/Linux servers, computers, and even Windows machines for an efficient and secure remote command-line experience. Well, did you know Windows 10, Windows 11, and Windows Server 2019 (and Windows Server 2022) include an […]

Lyceum group reborn

According to older public research, Lyceum conducted operations against organizations in the energy and telecommunications sectors across the Middle East. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia.

91.5% of malware arrived over encrypted connections during Q2 2021

The latest report from WatchGuard shows an astonishing 91.5% of malware arriving over encrypted connections during Q2 2021. This is a dramatic increase over the previous quarter and means that any organization that isn’t examining encrypted HTTPS t…

Puppet’s module malware scanner adds a layer of protection to proactively combat security risks

Puppet announced a malware scanner feature for newly published modules on the Forge, Puppet’s module marketplace, in order to combat security risks and increase the security profile of customers using those modules. The rollout targets Supported module…