TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Huntress

Addressing Initial Access | Huntress

2023-03-16

ATT&CK techniques detected

6 predictions
T1059.001 PowerShell
99%
“[…]s the administrator’s effort and maximizes ROI; simply run the PowerShell commands offered to make your environment more hostile to threat actors attempting to gain initial access. Thanks to the contributors of this blog, Harlan Carvey and Dray Agha. 2 https://lear…”
T1059.001 PowerShell
90%
“some PowerShell one-liners you can deploy with ease to engineer these defences via the registry. You can copy/paste the PowerShell code provided in this blog post with no modifications, we’ve done all the hard work for you. Disrupt OneNote malware with respect to OneNote fi…”
T1204.002 Malicious File
85%
“those files, allowing them to immediately access and launch files embedded within those disk image files. Figure 2 illustrates what it looks like when a user automatically mounts a disk image file by double-clicking it, allowing them to execute the contents of the drive, detona…”
T1204.002 Malicious File
77%
“Addressing Initial Access | Huntress see Huntress in action. Engineering defence in February 2022, Microsoft announced that due to how pervasive the use of “weaponized” documents were, they were going to block macros in MS Office documents downloaded from the internet by defaul…”
T1484.001 Group Policy Modification
36%
“on the internet there is the suggestion that Office 365 group policy templates must specifically be downloaded and imported on a machine, to successfully administer a number of GPO changes to reduce your attack surface here. On investigation [1, 2], these templates have the GPO…”
T1059.001 PowerShell
33%
“Addressing Initial Access | Huntress see Huntress in action. Engineering defence in February 2022, Microsoft announced that due to how pervasive the use of “weaponized” documents were, they were going to block macros in MS Office documents downloaded from the internet by defaul…”

Summary

Series of blog posts that share the breadth and depth of Huntress’ experience to assist others in reducing their attack surface, and inhibiting or even obviating cyber attacks.