I’m thinking to create a course in the future as well.

Hire this kid, folks.

Would rather say that you have to learn “problem solving” in general. I could be bias, but skills like troubleshooting for instance would be super valuable.

⚡ Check out this new Microsoft Entra blog post 👇

Microsoft Graph activity logs is now generally available

techcommunity.microsoft.com/t5/microsoft-e…

I’m not a big fan of courses, but Hands-down this is the best IR course out there in the market. Yes, I said best… If you’re into IR or Threat Hunting. This is the course that you should aim for. It covers *actual* analysis and no-nonsense. Happy that I was able to contribute!

APT Emulation Labs: NOW LIVE 🎉

Solve incidents emulating APT29, APT10 and other threat groups.

$45 per month access to ALL labs:
👀 150+ hours of lab content
👀 Disk forensics + ELK logs
👀 Hints, questions and point system
👀 7 days free trial

Labs are created & designed…

Audit log query graph API for Microsoft 365 rolling out in May. Has anyone found the actual documentation for the new API? Asking for a friend 💀 #m365 #DFIR

David, age 24, says he's 'glad that Entra changes so frequently. It keeps my mind young.'

Hey hacker family,

I'm looking for a Hack The Box 'er who wants a pentesting role (to start), who likes exploiting Active Directory configurations, and wants to learn MS Cloud. This is to backfill my current role at Polito and provide coverage for my skills specialties.

If…

Anyone interested in the internals of Windows Storage Management? Topics such as Disk Device Objects, Partition Manager, Volume Manager, etc.

Man, people on Twitter really go out of their way to try to make you feel bad about being successful. If you are alive you're privileged, and some people have more of that than other people. Now that that's out of the way, go ahead and focus on bettering yourself and less on what…

Love seeing how Andres Freund (Tech), with his curiosity and craftsmanship, was able to help us all. Security is a team sport, and this is the culture we need everywhere. securityboulevard.com/2024/03/an-acc…

Happy Easter folks!

if you don't know how to solve a problem, start by solving a lesser version of it

Avast discovered an in-the-wild admin-to-kernel exploit for a previously unknown zero-day vulnerability in the appid.sys AppLocker driver being leveraged by Lazarus. decoded.avast.io/janvojtesek/la…

I'm looking for a new role. I will be remaining at my current employer for at least 30 days.

- Pentesting specializing in internal active directory
- Threat hunting in incident response using EDR admin consoles: CrowdStrike and Carbon Black
- Purple team: develop emulations and…

Cyb3rm0nk DebugPrivilege Probably the best source for advanced threat hunting tradecraft iv found. Not much else comes close apart from personal direct research, recreating what DebugPrivilege has done here.

Just came across this repo, github.com/DebugPrivilege… by DebugPrivilege. Amazing write ups and a great inspiration

This guy gets it.

Ned Pyle I don't want Arc on my Domain Controllers, I don't want any Cloud C&C on them. Apparently no choice if I have to have AMA (events to Sentinel) or using MDE in certain licensing models. So in that case I don't want Arc doing anything else, nothing else. I don't want it at all.