Podme logo
HemUpptäckKategorierSökStudent
7MS #499: Desperately Seeking a Super SIEM for SMBs - Part 6

7MS #499: Desperately Seeking a Super SIEM for SMBs - Part 6

21:352021-12-16

Om avsnittet

Today we have some cool updates on this SIEM-focused series we've been doing for a while. Specifically, I want to share that one of these solutions can now detect three early (and important!) warning signs that bad things are happening in your environment: ASREPRoasting WDigest flag getting flipped (reg add HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest /v UseLogonCredential /t REG_DWORD /d 1) Restricted admin mode getting enabled (reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v DisableRestrictedAdmin /d 0x0 /f) - see n00py's blog for more info

logo

PODME

INFORMATION

  • Om kakor
  • Allmänna villkor
  • Integritetspolicy
  • Press

LADDA NED APPEN

app storegoogle play store

REGION

flag
  • sweden_flag
  • norway_flag
  • finland_flag

© Podme AB 2024