I wrote up a new blog post on how I did the Lockbit KQL query:
I came up with a pretty simple KQL query to help with Lockbit detection. This is based off the latest info from a SentinelOne blog post. Feel free to share, and if you have suggestions to make it better, feel free to let me know.
Who on earth would be trying to promote EC-Council University via comment spam on my website?
The question on this, and it is a pretty nasty bug, is how common is LAM on the web?
We all know change is scary, but if your authentication method is weak, shouldn't you shore it up?
I guess these firms feel it costs less to pay for a breach than to fix the systems, or is it something else in the integration between back end systems?
Anyone surprised? The game of cat and mouse continues...
OK, it seems that Threatpost article is going off vendor research. I'm linking the original vendor blog, which shows nothing new on the mitigation front and basically a sales pitch at the end of it.
Here we go with insecure-by-design talk, this time on OT vendors. Yes, they should be paying more attention to it now. That said, how does that affect everything?
Not being in OT, I don't have the answers, but others could speak on this better.
If I can find the time, I might have to see how I can compare Firefox's anti-tracking to Brave's.
Metasploit 6.2.0 improves credential theft, SMB support features, more
So Internet Explorer is "Officially Dead" which of course means that it will linger for the next 100 years.
I mean, look at Flash, Python 2 and other legacy tech that is still around.
The real issue is laziness. Things that rely on the "dead" tech never get updated but still wind up being needed until some new version is hopefully written.
Then after writing said new version, it needs to be tested and eventually rolled out. In some industries this can take 10+ years to accomplish.
The only thing that surprises me about this one is that it took this long to happen.
One always needs to make sure of what they are getting, and what their attack vector can be.
Dad, Security Engineer, Burbsec North Organizer, BlueTeam, Padawan, Theatre Actor/Tech Man, Train Hobbyist, "Dammit Shecky" Opinions and more, GCIH, CISSP