Azure Sentinel Query—Monitor USB data Exfiltration

This article assumes that you have already configured Sentinel in your environment. Data exfiltration can be caused intentionally or by mistake. Malicious insiders can be considered trusted actors who can cause damage to your organization for their own gain. There are many types of exfiltration (email, sharing links, USB, ...). In …

The Kerberos ticket instant refresh and Security Legacy Protocols

If you have ever wondered why permissions applied in a Windows environment take time to reach the user, the answer is the Kerberos ticket. The trick is simple: by running the following command you should refresh the permissions without having to reboot. Open cmd.exe and run klist purge. Now I would like to go through …

Stop using SMB1 PowerShell command

Hi. For security reasons SMB1 should no longer be used, although this is being ignored by several companies and users. Top 5 reasons:

- SMB1 is not safe (easily hackable)
- SMB1 is not modern or efficient (read, write, cache)
- SMB1 is no longer required unless you use Windows XP / 2003 ( …