No client-to-client comm.
This is why I love the Windows Firewall. Super easy to implement this and thus making lateral movement a lot harder. And again I recommend this pearl by @jepayneMSFT
https://channel9.msdn.com/Events/Ignite/New-Zealand-2016/M377 …
#BlueTeam #DFIR #IrritateTheHellOutOfThem
-
Have seen all three, although all very annoying, there are workarounds which make it bearable. Of the list, no client-to-client is the most annoying. But overall, the most annoying is good visibility by the blue team. Not being able to misbehave without getting caught is a nightmare.
-
Voting other because
#blueteam and I’m really curious to see if I’m right about my controls
-
TBH whitelisting has annoyed more of our pentesters than anything else.
-
Compromising/abusing trust relationships and lateral movement is all about multiple systems networked in an environment. Have come across internal firewall using desktop firewalls, makes it hard. Somehow this is so under-rated by clients in favour of third party products.
-
No client-to-client along with several others. http://threatexpress.com/blogs/2018/threat-mitigation-strategies-observations-recommendations/ …
-
Combination of perfectly rolled out Windows Defender ATP and deception solution in place.
-
Privilege escalation controls and alarms
-
This is gold. I wish I had thought to ask this question ages ago. Should be a regular question asked each year or 6 months.