Nasreddine Bencherchali
nasbench.bsky.social
Detection @Splunk | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
Reposted by Nasreddine Bencherchali
🔐 Windows Security and SDDL: What You Need to Know 🔐

Windows permissions misconfigurations are a goldmine for attackers. SDDL (Security Descriptor Definition Language) remains overlooked yet highly exploitable. 🚨

@nasbench.bsky.social and I break it down -->

🧵 (1/)
February 21, 2025 at 3:55 PM
Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time www.splunk.com/en_us/blog/s....

Thrilled to share my first blog at @splunk! @mhaggis.bsky.social and I take a deep dive into the weird & exciting world of SDDL and ACEs - what they are, how they work, and how attackers can abuse them.
Explore SDDL in Windows security with our comprehensive guide to help enhance your defensive strategy against privilege escalation attacks.
February 15, 2025 at 10:36 PM
Reposted by Nasreddine Bencherchali
🎙️ New podcast episode is live! I used my experience as an Incident Responder and provided it to NotebookLM to turn into a podcast. Wondering what it feels like to be in IR? This episode shares most responsibilities, true to life for 99% of IR folks.

Hope you enjoy: creators.spotify.com...
Incident Response: Behind the Scenes by InfoSec Deep Dive
Explore the field of incident response with our hosts as they discuss what it means to be an incident responder. From preparation to recovery, they cover the phases of handling security incidents and the approach needed to remain effective under pressure. Using real-world examples like ransomware attacks, they talk about the challenges, tools, and teamwork involved in reducing impact and learning from each event. This episode provides insight into the essential role of incident responders. Whether you want to know about the tools they use, the choices they make, or their daily tasks, this episode has you covered. Join us to understand why cybersecurity matters for everyone.
January 27, 2025 at 12:10 AM
AI allows you to do more work with the same salary, allowing companies to make more money, and it uses your data to train so that it'll replace you later.

When is the utopia we read about in sci-fi books? Looks like we skipped to the doom and gloom and AI overlords chapter too quickly 😭
January 24, 2025 at 10:01 PM
I guess we're still here @kostas-sec.bsky.social 😂
Bsky is chill
January 23, 2025 at 12:30 AM
Reposted by Nasreddine Bencherchali
Compared to release v2023-08-24, in v2024-11-10 there are 469 more public #detectionrules in the #SigmaRules repository.

www.dogesec.com/blog/analysi...

#threatintelligence #threatintel
December 9, 2024 at 10:41 AM
Reposted by Nasreddine Bencherchali
November 20, 2024 at 6:58 PM
Reposted by Nasreddine Bencherchali
I’m looking for a new remote work opportunity starting in April. If you think I’d be a good fit for your team, let me know!
November 20, 2024 at 10:07 PM
Everybody joining and preaching BS aka Blue sky 😆
Enjoy your weekend everyone.
Blue Sky Jimmy Cliff GIF
November 16, 2024 at 12:24 AM
Reposted by Nasreddine Bencherchali
Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware. Read the blog here: cs.co/6019SsMIh
#dfir #threatintel #cybersecurity
Unwrapping the emerging Interlock ransomware attack
November 13, 2024 at 2:07 PM
LOLDrivers are cool 😎
November 18, 2023 at 3:23 PM