HackUponTheGale

Why aren’t more TAs using Quick Assist for initial access? It’s a plausible vector for social engineering (don’t download anything, just hit a hotkey and enter the digits that I am giving to YOU), you’ll never have to worry about AV or email filters, it creates minimal artifacts on the host, and on the wire it’s only hitting Microsoft subdomains. Anyway, here’s some findings that weren’t documented elsewhere. https://hackuponthegale.github.io/blog/dfir/QuickAssist1 #DFIR #cybersecurity #microsoft
Investigating Microsoft Quick Assist

Quick Assist is Microsoft’s native remote access solution for tunneling a desktop connection across the internet. It enables a user to troubleshoot printer i...

Hack Upon The Gale
As much as I genuinely enjoy the miscellany of this smaller, nontoxic community, can we agree on a framework to indicate what’s core content about the cybers? Or breaking topic that might give me an excuse to leave a meeting early? Maybe some sacred hashtags like #bigcyber and #hugecyber not to be abused, and protected by threat of shunning?
NSA calls for a strategic shift to memory safe languages. https://media.defense.gov/2022/Nov/10/2003112742/-1/-1/0/CSI_SOFTWARE_MEMORY_SAFETY.PDF