🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Incredible line-up for the #TROOPERS25 AD & Entra ID Security Track, featuring Jonas Bülow Knudsen Martin Haller Dirk-jan Fabian Bader Dr. Nestori Syynimaa S3cur3Th1sSh1t Duane Michael & many more linkedin.com/posts/enno-rey…

File share fail: assigning permissions to “Domain Users” or “Authenticated Users”. Here’s what to do instead… Create dedicated security groups Add only the users who need access Apply permissions to the group, not everyone

The Microsoft Entra PowerShell module team has released v1.0.8 which resolves a few issues and feature requests. Check the release notes and go get it! github.com/microsoftgraph…

Happy pride 😊

It’s #CyberMentoringMonday!!!! Are you looking for a professional mentor or to learn more about InfoSec? Are you experienced and willing to ‘give back’? Use this thread and hashtag to connect!

The new episode of #SecurityNoise is out now! This week, we are talking to Sean Metcalf about #ActiveDirectory, common challenges in the identity security space, frequently seen #pentest findings, and more. Listen now or watch on YouTube! trustedsec.com/resources/podc…

Your life is finite. What more do I need to say to give you a jolt of urgency to live it up as big as you can?

Using the following phrases: "I'm bad at money" "I'm bad at math" "You should handle our money. You're so much better at it"

linkedin.com/newsletters/be…

P.S. It’s Okay to not Be Okay. Thanks.

My advice to kids has changed recently and it's not to get a cybersecurity degree. Get a computer science one, with a specialization in AI or an AI solely degree. I feel like right now, the cybersecurity market is pretty rough on hiring folks in - and that's only going to get

And the most important part "Please keep in mind that in its current state, the MCP server is just for use with Claude Desktop, implying that any data contained within the BloodHound host that the MCP accesses is sent to Anthropic. Please do not send production data to

Some recent quotes that stuck with me: · "It’s always a no if you don’t ask" · "If you’re lost, the answer is education. If you’re educated, the answer is execution. If you’re executing, the answer is consistency" · "Learn one level deeper than you think necessary to be

It looks like Okta finally added support for Entra External Authentication Method (EAM)! 🎉 help.okta.com/oie/en-us/cont… This allows Okta Verify to meet Conditional Access "Require MFA" requirements, no more custom controls! So let's do a thread on how to set this :)

A quietly significant change in Active Directory.... MS explains that this is necessary to make Windows actually fully honor settings not to use RC4 and for MS to deprecate DES and RC4 usage in the years to come.

Verbose error messages might be useful, but they can reveal too much. In our latest blog, nyxgeek shows how a now-fixed #Azure logging bug could have allowed attackers to confirm valid passwords, despite failed logins. Read now! trustedsec.com/blog/full-disc…

During our Active Directory Security Assessments, we do find Google Chrome and other browsers installed on Domain Controllers occasionally. Please don't use your DC for web browsing.

Happy Best Friend's Day! Tag the Bert to your Ernie.

Received the news today that my talk "Advanced Active Directory to Entra ID lateral movement techniques" was also accepted for DEF CON 🎉 hope to see everyone there!