DearSecurity @DearSecurity
Joined December 2019
Tweets: 31
Followers: 3
Following: 127
Likes: 418
Ensuring proper Domain Controller configuration is key for Active Directory security. Part of this is making sure they are running supported versions of Windows. At this point, DCs should be running at least Windows Server 2016, preferably Windows Server 2019 or 2022. Hold off…
Want to detect Kerberoasting with no false positives? Set up a honeypot account for detection following the guidance in this article: hub.trimarcsecurity.com/post/trimarc-r… #ActiveDirectorySecurityTip
How to find insecure delegations in Active Directory 1. Download and run ADeleg 2. Click View -> Index view by -> Trustees 3. Look for: Everyone, Authenticated Users, Domain Users Check the permissions on the right side to see if there's any privileged resources listed, such as…
Releasing a side project of mine: wsuks - automating the WSUS mitm attack🔥 github.com/NeffIsBack/wsu… TL;DR: If the Windows Server Update Service (WSUS) is configured to use HTTP instead of HTTPS, it's possible to take control of any Windows machine on your local network. 1/4🧵
Block the items on the list at this site.
Consider MEAM
Active Directory Advanced Threat Hunting - Tracing the cause of account lockouts and password errors, by @tomvideo2brain #DFIR techcommunity.microsoft.com/discussions/wi…
Active Directory Hardening Series Part 1 Disabling NTLMv1 techcommunity.microsoft.com/blog/coreinfra… Part 2 Removing SMBv1 techcommunity.microsoft.com/blog/coreinfra… Part 3 Enforcing LDAP Signing techcommunity.microsoft.com/blog/coreinfra… Part 4 Enforcing AES for Kerberos techcommunity.microsoft.com/blog/coreinfra…
Okay so this is HUGE - our amazing AI red team have open sourced their AI red team labs so you can set up your own training! aka.ms/AIRTlabs @ram_ssk
Dear Security @Microsoft please fix this.
1. Create a dMSA object (badmsa$) under sacrificial VulnOU and targeting Administrator identity. (you need a user with at least CreateChild privilege over an OU) 2. Request a service ticket as badmsa$ 3. Retrieved ticket contains superseded identity's groups 4. DCSync
🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷♂️ Read Here - akamai.com/blog/security-…
I often see User Administrator role given to helpdesk and sometimes support staff, like secretaries or librarians to help with password reset / user creation and attribute updates ⚠️ User Administrator has many paths to Global Admin or equivalent ⚠️ learn.microsoft.com/en-us/entra/id…
To extend on this with some issues that were not mentioned but are just as important. - SCCM site server relay: authentication coercion of the site server via petitpotam gives local admin everywhere - MSSQL systems with signing off - shared local admin passwords - shared local…
Delegated permissions in Active Directory: silent but deadly 💩💨🤢 For example: Some random user with “FullControl” of the Domain Controllers OU Nessus didn’t find it… The IT team didn’t know it was there… It wasn’t discovered on past pentests… 🧵I found it almost…
0 click NTLM hash grab! This is actually one of the craziest exploits I have ever seen Shoutout to @zeifan for the original POC He was kind enough to share his version where simply right clicking the lnk file would send over the users password hashes I did a little modification…
Microsoft recently launched/refreshed guidance on how to protect against token theft and token replay: 1️⃣learn.microsoft.com/en-us/entra/id… 2️⃣learn.microsoft.com/en-us/entra/id… Go check!
If you are licensed for PIM, this is such a hidden gem I really wish the name of the blade wasn't Alerts... It's really a recommendation with fix it buttons, like Defender for Cloud does, except this is for Identity 😎 Some easy but highly valuable wins here :) https://t.co/JxFioEiZXY

Ryley Prohaska @RyleyP11359
120 Followers 1K Following
NolaCon @nola_con
3K Followers 2K Following New Orleans Information Security (IT)/Hacker Conference #nola #infosec #hackercon #nolacon
Wandering Star @SW_Samii
5K Followers 4K Following Curator of Chaos Security Weekly Director of Operations (Studio Mom).
Elon Musk @elonmusk
225.4M Followers 1K Following
Jesse Peltan @JessePeltan
58K Followers 559 Following On a mission to build Type 1 Civilization and restore the biosphere
nix @aniqfakhrul
1K Followers 775 Following tweets are my own. i tweet about https://t.co/RTNwkcmCMJ a little too much
Neural Viz @NeuralViz
11K Followers 130 Following Maker of stupid stuff. Business Inquiries: David Stone - [email protected] Joel Begleiter - [email protected]
LetsDefend @LetsDefendIO
131K Followers 0 Following Learn cybersecurity with hands-on blue team training
I am Jakoby @I_Am_Jakoby
21K Followers 1K Following Powershell Hacker LOLbin specialist Sniper, skydiver wannabe super spy
spencer @techspence
12K Followers 2K Following 🛡️Empowering defenders & dismantling threats | Ethical Threat | pentester @securit360 | host @cyberthreatpov | SWAG https://t.co/AFJtZQcti7
Kitboga @Kitboga
125K Followers 160 Following Improv artist who calls scammers & explores the internet. Laughter is the best medicine. https://t.co/aEC5M10HUJ Business Inquiries: [email protected]
Bert-Jan 🛡️ @BertJanCyber
4K Followers 563 Following CSIRT | https://t.co/Tu1l2ZFe0T | Microsoft Security MVP | Blue & Purple Team | SOC | SIEM | Threat Hunting | Detection Engineering | #KQL |
Microsoft @Microsoft
14.0M Followers 2K Following We're on a mission to empower every person and every organization on the planet to achieve more. Support: @MicrosoftHelps
Aurimas Griciūnas @Aurimas_Gr
31K Followers 784 Following 🔨 Founder & CEO @ SwirlAI 📖 Writing about #LLM, #AI, #DataEngineering, #MachineLearning and #Data ✍️ Author of SwirlAI Newsletter.
Matt Pocock @mattpocockuk
201K Followers 737 Following I teach devs for a living. Author of Total TypeScript and AI Hero. Ex-@vercel. Used to be a voice coach.
Orin Thomas @orinthomas
8K Followers 117 Following Working at Microsoft on things related to Windows Server, Azure Hybrid Cloud, & Azure & On-Prem AI Workload Operations. Author of 45+ Microsoft Press textbooks.
Olaf Hartong @olafhartong
17K Followers 964 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Thomas Naunheim @Thomas_Live
7K Followers 458 Following #MicrosoftMVP | Cyber Security Architect 🛡️| #MicrosoftEntra 🔑 + #Azure ☁️ | #Schaengel
Thomas Massie @RepThomasMassie
1.4M Followers 24K Following U.S. Representative KY4, Engineer, Farmer, Inventor. 30 patents. Appalachian American. MIT SB93 SM96 #sassywithmassie #politicalsciencedenier pronoun: Pappaw
Eureka Labs @EurekaLabsAI
73K Followers 1 Following We are building a new kind of school that is AI native.
Andrej Karpathy @karpathy
1.4M Followers 1K Following Building @EurekaLabsAI. Previously Director of AI @ Tesla, founding team @ OpenAI, CS231n/PhD @ Stanford. I like to train large deep neural nets.
Jeremy Wallace MVP @TheAzureMVP
359 Followers 187 Following Microsoft MVP, MCT, and Azure Solutions Architect
Christopher Glyer @cglyer
24K Followers 154 Following Microsoft Threat Intelligence Center - Former Incident Responder & Chief Security Architect @Mandiant
Elli Shlomo (IR) 🏴... @ellishlomo
4K Followers 83 Following Security Researcher ~ Security AI Specialist ~ Cloud IR ~ Microsoft Security MVP
Nathan McNulty @NathanMcNulty
17K Followers 1K Following Loves Jesus, loves others | Husband, father of 4, security solutions architect, love to learn and teach | Microsoft MVP | @TribeOfHackers | 🦋@nathanmcnulty.com
Raffaele Sommese @RaffySommy
191 Followers 157 Following Assistant Professor in Internet Security @utwente DNS, Routing and Internet Stability and Security
🇺🇦 Nate Warfiel... @n0x08
14K Followers 2K Following Hacker | WIRED25 2020 | Drum&Bass DJ | https://t.co/Aa7tIdCdrM
failOpen @failOpen
1K Followers 215 Following Don't be shitty. 🏳️🌈 Black Lives Matter Mostly afk, no notifications on. Twitter is awful.
whynotsecurity @whynotsecurity
666 Followers 5 Following
Wild West Hackin' Fes... @WWHackinFest
14K Followers 476 Following Join us for Wild West Hackin' Fest - Deadwood 2025! Conference: Oct. 8-10, 2025; Pre-Conference Training: Oct. 7-8, 2025.
Derek Rook @_r00k_
12K Followers 423 Following responsible tech, science nerd, comics spouse. Posts are short form opinions and should be post scripted with "in some relevant situations" he/him
Trimarc @TrimarcSecurity
5K Followers 136 Following We are the experts in Active Directory, Entra ID, and Identity security. Find out more about our services at https://t.co/3kWA6f7dh1.
Cassidy @cassidoo
176K Followers 665 Following Making memes, dreams, & software! Sr. Director of Dev Advocacy at @github. Married to @ijoosong, mom of 2 nerdy babies. She/Her ✝️ Subscribe to my newsletter!
Zack Whittaker @zackwhittaker
70K Followers 934 Following Security editor @TechCrunch • +1 646.755.8849 • [email protected] • https://t.co/X6GJDYwaBE
HanseSecure GmbH @HanseSecure
4K Followers 1 Following Erhöhe wirksam & nachhaltig die Cybersecurity in deinem Unternehmen
Florian Hansemann @CyberWarship
84K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Active Countermeasure... @ActiveCmeasures
4K Followers 303 Following Threat Hunting your network has never been so awesome! Creators of AC-Hunter. Contact us for a personal Q&A session.
Chris Brenton @Chris_Brenton
1K Followers 54 Following All things computer, network and cloud security.
Accidental CISO @AccidentalCISO
57K Followers 2K Following I accidentally became the CISO. I didn't want this job, but the job chose me. I'm scared, and I want to go home.
ʝօʄʄ ȶɦʏɛʀ ... @joff_thyer
5K Followers 846 Following Penetration Tester, Security Researcher, Developer, Musician, Certified SANS Instructor, @SecurityWeekly Co-Host, and occasional Tweetl33tist.
whiskers 🖤 @initinfosec
8K Followers 3K Following script kitty | chill techie with an OffSec penchant | not l337 | CRTL, OSCP, CISSP, etc. | opinions my own or from /dev/random | he/him/=^_^=
Fing Internet Alert @outagedetect
24K Followers 5 Following Is the Internet down 😵 for everyone or just me? Fing outage detection is a free service that provides you awareness of your connectivity quality in real-time.