Recent 0 Day for Chrome Browser needed patching ASAP -> https://www.bleepingcomputer.com/news/security/google-patches-another-actively-exploited-chrome-zero-day/ By default Chrome leaves browser relaunch and Update installation up to the user To force this […]
Category: Research
Research Undertaken
Intune – Enumerate administrator accounts on elevation
Option 1 – Set the following Group Policy:Computer Configuration\Policies\Administrative Templates\Windows Components\Credential User Interface\Enumerate administrator accounts on elevationTo the following value: Disabled Option 2 – Follow these steps to apply a […]
Microsoft \ platform-managed key Azure Rotation
As Microsoft Manage your keys ( not Customer Managed Keys ( CMK ) ) – How often exactly are Microsoft-managed keys rotated · Issue #68838 · MicrosoftDocs/azure-docs · […]
Scoping Questions for Azure Files
How low does the latency need to be? Express Router or Onprem Server?Tiering ? ( Onprem Server then to Cool Storage or Netapp Files)DFS?Identity?Security? Public Access not […]
How to use a Powershell script for a Monitor in Labtech Connectwise
You need to add the powershell script below to a bat file , as we can’t copy both the powershell.exe and the ps1 one Create a script […]
Cookies Missing Attributes in RDWeb Gateway
The HTTPOnly attribute makes cookies inaccessible to JavaScript. Additionally, the Secure attributeensures that the cookie may only be transmitted over HTTPS. Cookies used by the application didnot […]
Wireless SSID Certificate Based Auth ( Azure AD )
Setting up a radius server for Azure AD joined devices and 802.1x | Nicola Suter (nicolonsky.ch) Paid for -> https://www.securew2.com/blog/azure-ad-802-1x https://katystech.blog/mem/intune-8021x-pkcs User Auth Solution https://katystech.blog/mem/intune-8021x-pkcs NDES and […]
Internet Information Services (IIS) Securing Best Prac \ Website Headers
ASPNET \ Web Server \ Misconfiguration: Missing Error HandlingDisable Detailed errors in IISPermissions-Policyfullscreen=() Cache-Controlprivate, no-storeReferrer-Policystrict-origin-when-cross-originwe can conclude that the default setting deals with most of the security X-XSS-ProtectionX-XSS-Protection : […]
365 Backup Products
https://afi.ai/https://www.n-able.com/products/cove-data-protectionhttps://www.backupify.com/365 Veeam ( Needs Server ) Synology Nas ( Needs Onprem )
Windows Defender Best Practice
-Enable App Governance -Enable Defender for Identity -Turn all Advanced Features for Endpoints – Enable default Policies for App Discovery