Security Detections for a Hybrid Azure AD Join Environment
The enterprise environment of today is much more complex than even a couple of years ago. Microsoft Windows Active Directory (AD) has been the most used go-to when it comes ...
Ping of Death v2: Windows IPv6 Vulnerability (CVE-2020-16898/9)
Microsoft has released 11 Critical level patches during this Patch Tuesday (including the latest Adobe Flash security update). However, two of these vulnerabilities among those bei...
A Security Engineer Does InfoSec Marketing
I’ve never thought that I’ve been great at marketing, good? Sure, but definitely not great. I’ve done my bit personally over the last few years to build up followers, althoug...
What You Need to Know About SigRed: Windows DNS Vulnerability (CVE-2020-1350)
Two researchers at Check Point Research recently discovered a critical vulnerability in the Windows DNS server (CVE-2020-1350), also known as ‘SigRed.’ Microsoft has acknowledg...
How To Download, Install, and Configure Sysmon for Windows
In addition to the default built-in logging that Windows Server offers, there are also additional configuration options and software that can be added to increase the visibility of...
Threat Analysis: PowerShell Malicious Activity
The other day here at Blumira we had a customer detection trigger that caught our attention. This was a detection I created a while back with zero false positives so far for a Powe...
How to Optimize Windows Logging for Security
One of the most common configurations taken for granted is the built-in Microsoft Windows logging capabilities. Microsoft Windows continues to dominate the corporate enterprise mar...
Blumira at RSA Conference 2020!
Having just recently joined Blumira a few weeks ago, it wasn't realistic for us to pull together a plan to be on the vendor floor or host a party, so we're going with the next be...
What excites me about Shmoocon 2020 and where to find me!
For those that haven’t heard of Shmoocon, it’s a leading information security conference located in Washington DC that starts tomorrow January 31st, 2020 and runs through Sunda...