Olivia
Online
Adrián Lois
@adrianlois_
Cosas de Ciberseguridad.
Joined October 2010
429 Following
136 Followers
203 Posts
Digital Forensics Incident Response and Detection Engineering: Análisis forense de artefactos, técnicas anti-forense y técnicas de detección.
▶ https://t.co/sVUtfsTcty
#dfir #digitalforensic #threatdetection #incidentresponse #redteam #blueteam #infosec #cybersecurity
Quick POC this evening looking at how LAPS (v2) passwords are stored and decrypted on Active Directory (tl;dr, msLAPS-EncryptedPassword attr and NCryptStreamUpdate for crypto) https://t.co/QaZdleEvNc
🔍If you are looking for a comprehensive overview of the current #3CX supply chain attack, I created a diagram that shows the attack flow!💥I'll update as soon as the analysis progresses. Stay tuned for the MacOS edition! #cybersecurity #infosec #supplychainattack #3CXpocalypse
Who to follow
Gerard Fuguet
@GerardFuguet
I'm just a systematic human who swims in this technological sea
Arys A Emeterio R
@arys_emeterio
"Informática forense | Artículos sobre la investigación de delitos informáticos y la recolección de evidencia digital | Explorando el mundo de la ciberseguridad
Eduardo Sánchez
@educhip
Software Analyst at https://t.co/s2KGXzVjR0
Bypass PowerShell Execution Policy.
Varias formas de eludir la política de ejecución de PowerShell.
https://t.co/f71DzOwDK2
#powershell #windows #bypass #cybersecurity #hacking #infosec
Análisis y detección de Hoaxshell "¿una la shell indetectable?". Identificando posibles IOC y creando una regla de detección para generar alertas en Wazuh
https://t.co/AxwVk3J9mw
#hoaxshell #windows #powershell #microsoft #threathunting #blueteam #ciberseguridad #cybersecurity
Port knocking o golpeto de puertos: implementación en un servicio SSH y varias opciones de como conectarse usando esta mecanismo de seguridad vía Knockd, Telnet y Nmap
https://t.co/50B8wio0UM
#SSH #linux #portknocking #hardening #blueteam #ciberseguridad #cybersecurity #infosec
Implementación de 2FA en servicios de conexión SSH y la posibilidad de añadir un tercer factor de autenticación 3FA combinando los métodos SSH Public Key + Password + TOTP
Artículo: https://t.co/M27A1x2sQp
#SSH #2FA #hardening #blueteam #ciberseguridad #cybersecurity
KrbRelayUp PrivEsc: Escalada de privilegios local en entornos Active Directory y mitigación.
Artículo: https://t.co/jqkIsqaAwt
#KrbRelayUp #windows #vulnerability #activedirectory #privesc #hardening #ciberseguridad #cybersecurity #infosec #seguridadti
Another way to mitigate #KrbRelayUp is to remove the "Authenticated users" group from the "Add workstations to domain" policy in the Default domain controller policy and assign a specific group to perform these operations. @dec0ne
@wdormann @dec0ne @tiraniddo @cube0x0 @harmj0y There was indeed an implementation error, the GPO should be applied to the default domain controller policy. Although I still prefer the modification of the ms-DS-MachineAccountQuota=0 attribute directly prevents host creation in AD avoiding persistence and execution ;)
@wdormann @dec0ne @tiraniddo @cube0x0 @harmj0y It seems that the best form of mitigation is to modify the ms-DS-MachineAccountQuota=0 attribute directly avoids host creation in AD and would also avoid persistence. I think it has less impact than requiring LDAP signature for retrocompatibility in legacy envs. @wdormann @dec0ne
Interesante artículo de @jasonfossen de @SANSInstitute sobre la seguridad cifrada y simétrica entre los formatos de compresión de ficheros 7z y zip.
"PowerShell 7-Zip" vs. "Compress-Archive" nativo de PowerShell.
https://t.co/Wflt5cyYvh
#cybersecurity #powershell #blueteam
Instalar y configurar Microsoft LAPS para evitar movimientos laterales (Local Administrator Password Solution).
Artículo: https://t.co/kJOaPKWTI5
#laps #activedirectory #contraseñas #passwords #hardening #blueteam #ciberseguridad #cybersecurity #infosec #seguridadti
Apache Log4j.
Resumen de vulnerabilidades asociadas a Log4Shell:
https://t.co/j5xsP9nthc
#log4j #log4shell #ciberseguridad #cybersecurity #vulnerabilities #vulnerabilidades #infosec
Detectar, alertar y bloquear intentos de conexiones por fuerza bruta a los servicios de escritorio remoto RDP.
https://t.co/8gx6pRzROp
#threathunting #hardening #RDP #windows #infosec #ciberseguridad #seguridadti #cybersecurity
Pentesting Active Directory https://t.co/fuSnfQD4qF
JET is a Microsoft storage technology.
Access uses JET Red.
Windows uses JET Blue.
Redteam uses it to copy the in-use Windows account databases via the esentutl tool.
📎https://t.co/pKnETUD9K5
📎https://t.co/1WEo3YQcDv
Presenting "TweetFeed"
Public repo that collects IOCs posted on Twitter in order to search them in your environment.
Interesting for #BlueTeam members, contains:
- URLs
- Domains
- IPs
- MD5/SHA256 hashes
Also includes queries for MS Defender.
🔗 https://t.co/C0a7fdxCvS
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.5M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.4M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.9M followers
KATY PERRY
@katyperry
87.5M followers
Taylor Swift
@taylorswift13
81.4M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.7M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.6M followers