7MS #551: Interview with Matt Warner of Blumira
7 Minute Security16 Dec 2022

7MS #551: Interview with Matt Warner of Blumira

Today we welcome our pal Matthew Warner (CTO and co-founder of Blumira) back to the show for a third time (his first appearance was #507 and second was #529).

I complained to Matt about how so many SIEM/SOC solutions don't catch early warning signs of evil things lurking in customer networks. Specifically, I whined about 7 specific, oft-missed attacks like port scanning, Kerberoasting, ASREPRoasting, password spraying and more. (Shameless self-promotion opportunity: I will be discussing these attacks on an upcoming livestream on December 29).

Matt dives into each of these attacks and shares some fantastic insights into what they look like from a defensive perspective, and also offers practical strategies and tools for detecting them!

Note: during the discussion, Matt points out a lot of important Active Directory groups to keep an eye on from a membership point of view. Those groups include:

  • ASAAdmins
  • Account Operators
  • Administrators
  • Administrators
  • Backup Operators
  • Cert Publishers
  • Certificate Service DCOM
  • DHCP Administrators
  • Debugger Users
  • DnsAdmins
  • Domain Admins
  • Enterprise Admins
  • Enterprise Admins
  • Event Log Readers
  • ExchangeAdmins
  • Group Policy Creator Owners
  • Hyper-V Administrators
  • IIS_IUSRS
  • IT Compliance and Security Admins
  • Incoming Forest Trust Builders
  • MacAdmins
  • Network Configuration Operators
  • Schema Admins
  • Server Operators
  • ServerAdmins
  • SourceFireAdmins
  • WinRMRemoteWMIUsers
  • WorkstationAdmins
  • vCenterAdmins

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(727)

7MS #727: Securing Your Mental Health – Part 7

7MS #727: Securing Your Mental Health – Part 7

Hello friends! It's been over a year since we did a dedicated mental health episode, so today I'm doing a big catch-up and running through my 7-point plan for being a more mentally secure me. None of ...

19 Juni 21min

7MS #726: Baby's First Hermes

7MS #726: Baby's First Hermes

Hello friends! I've been on a bit of an AI agent journey lately, and today I'm sharing my experience ditching OpenClaw and going all-in on Hermes — a self-hosted AI agent built by Nous Research. A Net...

12 Juni 22min

7MS #725: Building a Bulletproof Backup Solution

7MS #725: Building a Bulletproof Backup Solution

Hey friends! Backups are not as cool as pentesting, but boy do they matter when things go sideways. This week I'm sharing how a Proxmox backup disk space meltdown led me to a completely overhauled — a...

5 Juni 21min

7MS #724: Tales of Pentest Pwnage - Part 85

7MS #724: Tales of Pentest Pwnage - Part 85

Hey friends! Today we're going deep on external network pentesting — something I realize we've barely touched in however many episodes we've done. I'm currently in a long stretch of back-to-back exter...

29 Maj 30min

7MS #723: CARTP - Cloud Red Team Tactics for Attacking and Defending Azure - Part 1

7MS #723: CARTP - Cloud Red Team Tactics for Attacking and Defending Azure - Part 1

Hello friends! Today's a hybrid episode — some security content up top about a new certification I've kicked off, followed by an aggressively quick trip to Tangent Town. Feel free to bail after the se...

23 Maj 32min

7MS #722: I Turned My Phone Into a Brick

7MS #722: I Turned My Phone Into a Brick

Hey friends! Quasi-vacation week over here, so today's episode is lighter and more personal: just a story about how I turned my phone into a "brick" (kind of) and what that's done for my mental health...

15 Maj 23min

7MS #721: Fun Professional and Personal AI Project Ideas – Part 2

7MS #721: Fun Professional and Personal AI Project Ideas – Part 2

Hello friends! Picking up the AI-automation series from a couple weeks back — here's another batch of scripts and integrations that have been giving me precious minutes (and sanity) back. Yes, I had t...

8 Maj 25min

7MS #720: Tales of Pentest Pwnage – Part 84

7MS #720: Tales of Pentest Pwnage – Part 84

Hey friends! Today's another Tales of Pentest Pwnage! Quick tangent first on a couple side projects: I've got a music thing at quack.house (like the duck noise, not the drug) and a podcast with my dan...

1 Maj 43min

Populärt inom Politik & nyheter

svenska-fall
tv4-nyheterna-story
motiv
de-fyras-gang
p3-krim
aftonbladet-krim
kungligt
rss-expressen-dok
aftonbladet-daily
flashback-forever
spar
rss-krimreportrarna
rss-sanning-konsekvens
rss-vad-fan-hande
politiken
rss-aftonbladet-krim
rss-flodet
olyckan-inifran
rss-frandfors-horna
svd-dokumentara-berattelser-2