If you want to detect exploitation of #printNightmare/CVE-2021-1675 (and you most certainly do) enabling PrintService-Operational event logging (not default), was the most reliable method we found in the BreachQuest lab. Here's how to script enabling the logging:

So Kaseya Corp is having a "service interruption." In reality, they've almost certainly been hit by ransomware. We're seeing multiple customers who use Kaseya hit with Sodinokibi ransomware. If you get to celebrate this weekend, talk to your friends about supply chain security.

Said: 1 in 4 employees surveyed still have access to accounts from past employers Unsaid: the other three didn't have any third party accounts at the past employer You can't do security without a joiner/mover/leaver program. Period. techrepublic.com/article/1-in-4…

We're growing! If you know someone that is interested please have them apply directly or DM Andrew King (AJ) for more details.

How do you know that your #SIEM will alert you about threats when they inevitably appear? In Thursday's livestream, Blumira's C-00000291*.sys emotional support team and @EricaMix, along with Andrew King (AJ), CISO at BreachQuest, will go over 5 easy ways to test your SIEM. Join us: bit.ly/2UJSQ90

The Federal Government has provided a comprehensive website to help you take the first steps to protect your network.hubs.li/H0SCcFV0

If you're a CISO or aspiring CISO with solid leadership experience - shoot Andrew King (AJ) a DM!

We take care of our people! If you're a DFIR guru and looking for a place to call home where you get to work with some of the best people in the world (admittedly we're biased) check out our careers page! breachquest.com/careers/

If you work in incident response today, what's thing do you have the hardest time tracking during an incident? Where are your challenges keeping stakeholders in sync? I'm trying to get a pulse on the state of the field outside of my bubble. Please RT for reach.

We now know that employees at Kaseya warned of multiple security risks. It doesn't have to be this way. BreachQuest's CISO Andrew King (AJ) weighs in. hubs.li/H0Trb8t0 SC Media

Hey, this is our CTO and Co-Founder! x.com/wallofsheep/st…

Big news! Announcing our $4.4m seed round to speed the development of the Priori Platform and enable us to grow our incident response. Partnering with Slow Ventures, Lookout's Kevin Mahaffey, and Tinder's Sean Rad and hubs.li/H0VYY6q0 hubs.li/H0VY_s50

Thanks Dark Reading for covering our recent 4.4M$ seed financing from Slow Ventures and the founders of Lookout and Tinder. We are so excited about building Priori - the Incident Response Platform of tomorrow. hubs.li/H0W5cKM0

Hey, if you are at Blue Team Con, at 5 PM check out our founder Jake Williams. He is speaking. "Stop talking nerdy to me: translating the value proposition of the blue team to the C-Suite."

If you are at Blue Team Con, and you rush, you can hear our founder Jake Williams Speak on ""Stop talking nerdy to me: translating the value proposition of the blue team to the C-Suite"

If you're going to be attending BSidesAugusta be sure to check out the CTF - "Bluez Cluez" a DFIR focused CTF!

Check out what Jake Williams had to say about joining BreachQuest and our mission to help companies in "preparing for the inevitable." techcrunch.com/2021/08/25/bre…

Wishing all our followers near and far a Happy Thanksgiving

Our CTO Jake Williams speaks with Lisa Vaas at Threatpost about the recent cyberattack effecting the data of 80K fertility patients. hubs.li/Q011NK080

We spoke with @ZDNet about the recent JNDI vulnerability in H2 Database consoles found by JFrog researchers. hubs.li/Q011PKh10