Powershell Updating Local Admin Passwords Securely 2 of 3 http://dlvr.it/TJ3ccs via PlanetPowerShell #PowerShell #LocalAdmin #CyberSecurity #SANS
Powershell Updating Local Admin Passwords Securely 1 of 3 http://dlvr.it/TJ39tG via PlanetPowerShell #PowerShell #LocalAdmin #CyberSecurity #ITSecurity
Fixed an issue this morning accessing Firetribe due to the server being out of space. I forgot to clear the remote media storage this month. Apologies if you've had trouble accessing the server today. We're back up and running now though!
#firetribe #localAdmin

Happy Monday! This is the last full week before vacation season starts :D

On a security note, we had an interesting event happen over the weekend. Our EDR started setting off flags for suspicious internet traffic to GitHub repos for offensive security tools on an end user laptop, as well as detections found in exe's that were downloaded with WMI exploits.

After investigating both the device and the end user, I found he is interested in security and had meant to do his searching on his personal computer -_-. At first, I thought his Slack was even compromised because that was the first time I had ever heard that one. Further digging found that wasn't the case.

I was so happy to find someone with 0 security experience wanting to learn and get into the field, but at the same time it made me look bad because he was able to download that stuff to begin with... GPO / Local admin audit it is.

#security #IR #github #localadmin #WMI

Also be sure to turn on these monitoring policies in #DefenderForCloudApps so you can #CatchTheHacker before they get too deep, whether you switch to #Kerberos or not. #NetworkSegregation is also a great #LayeredDefense method to ensure if one system is compromised the attacker can't use #SMBtraversal to get to all your computers, globally. #EternalBlue source code is still being used to get to #DCs via #Trikbot evolutions, after #Phishing a user with #LocalAdmin privileges, to execute #mimikatz against #ActiveDirectory to steal all the objects. #YesThisHappened
I'm using #tuksy as a client and there are not sufficient posts loading on my timeline. There are some, but I just go through them very quickly. Is there a way to have more? How does the client decide how many to load (or is it a server decision to push a certain amount to the accounts?) Thanks! #askmastodon #localadmin