Thanks A.M.C for coming to see those devon farmers, uni students and old guys at the back

Go on, have a vote. Selfishly Lilly and Bella look the best!

Jennifer Elliott, Stella Aghakian, and Meaghan Bradshaw from Microsoft, gave a talk titled "Thinking Outside the (Dead)Box," a crash course on how Microsoft hunts for threats. #BlueHat

The financially motivated threat actor tracked by Microsoft as Octo Tempest, whose evolving campaigns leverage tradecraft not seen in typical threat models, represents a growing concern for organizations. Get TTPs and protection info: msft.it/60129Lhkw

Some new capability in Microsoft Entra ID you may be interested in, you can provision and manage on-premises AD groups via the cloud sync agent. Membership of these groups can be fully managed in Entra and written back on-premises, now in public preview - learn.microsoft.com/en-us/entra/id…

A must have to everyone’s arsenal

I’m gonna give 10 random people that repost this and follow me $25,000 for fun (the $250,000 my X video made) I’ll pick the winners in 72 hours

MrBeast If I win this giveaway, I’ll give someone who likes and reshares this post: $6,900

Reposting some of the richest men in the world hoping to catch a break 😅😅

Great opportunity to join the MSTIC team at Microsoft.

Looks like we're getting some Unified Audit Log integration with Defender for Endpoint 🥳

What's happening here? Have you considered running the latest Arsenal Image Mounter (& our other tools) against the electronic evidence from cold cases? Good hunting! ArsenalRecon.com #DFIR

2 years today, one of the very best departed. RIP Shane Warne, the King 👑

Devon does it best.

I’m not crying, you are

“Bypassed Defender with all defaults enabled” is silly. It usually gets followed by “well why isn’t everything enabled by default?”, which is even funnier. Operational experience is lacking with some folks. It’s a close minded approach. Rather, I bypassed X with ABC as the system

Looking forward to The Definitive Guise to KQL arriving tomorrow! I hope Matt Zorich doesn’t quote me page numbers when I ask for help at work 😅😂

Bluehat IL day one was a blast! Can’t wait to see you tomorrow for more awesome talks and surprises!

Mimikatz to modelling

This isn’t a Microsoft problem. It’s not an ANY.RUN problem either. It’s a problem when orgs accept the risk of submitting confidential data using API keys tied to free accounts – which by default create public submissions. If you do that, you’re basically