Guy Leech
LightNews LightNews
banner
guyrleech.bsky.social
Guy Leech
@guyrleech.bsky.social
1.2K followers 230 following 850 posts
PowerShell nut. Dog owner. Grandfather
Posts Replies Media Videos
Reposted by Guy Leech
rorymon.com
New Episode! 🚨

I cover layoffs from Amazon and GM, the root cause of the recent AWS outage, a concerning new Teams feature, my review of Pwn2Own Ireland 2025 and more!

🔊 Listen: on.soundcloud.com/ncOCKrv63zJM...
📺 View: youtu.be/aaLAY23ZJa4?...
Amazon Announces Layoffs! Pwn2Own Ireland! New Teams Monitoring Feature!
YouTube video by 5bytespodcast
youtu.be
October 29, 2025 at 9:38 PM
guyrleech.bsky.social
Here's a typical use case for me using -Outvariable in an interactive PowerShell command line where I'm searching for a file so I want visual output as it searches but I also want the results in a variable so I can access more properties later if I need them without searching again
October 29, 2025 at 11:58 AM
Reposted by Guy Leech
jaapjaap.bsky.social
We're at 99 members on our new Dutch PowerShell User Group meetup, are you going to get us to 100?

Join us, for our favorite price: Free, here: meetup.com/dutch-powers...

And if you do, share it here!

#PowerShell #DevOps
Dutch PowerShell User Group | Meetup
Welcome to the Dutch PowerShell User Group! This group is for anyone interested in PowerShell, DevOps, Infrastructure as Code, and Cloud Infrastructure. Join us to learn, share knowledge, and network ...
meetup.com
October 22, 2025 at 2:06 PM
guyrleech.bsky.social
PowerShell 7.5.4 released
github.com/PowerShell/P...
Release v7.5.4 Release of PowerShell · PowerShell/PowerShell
7.5.4 Build and Packaging Improvements Update to .NET SDK 9.0.306 [release/v7.5] Update Ev2 Shell Extension Image to AzureLinux 3 for PMC Release (#26032) [release/v7.5] Fix variable reference ...
github.com
October 20, 2025 at 8:02 PM
guyrleech.bsky.social
Just dug this 2018 tweet out as seeing the issue at a customer:

#Windows Security event log being swamped by 4703 "A token right was adjusted" events? Disable "Audit Authorization Policy Change" by local or group policy. Common with #SCCM
learn.microsoft.com/en-us/previo...
October 1, 2025 at 9:44 AM
guyrleech.bsky.social
What's the current thinking/consensus/experience of having duplicate machine SIDs on the same subnet & members of the same domain (different hostnames & MAC & IP addresses obviously)?
It's many years since @markrussinovich.bsky.social said changing SIDs wasn't necessary but what about RoW?
September 29, 2025 at 1:58 PM
Reposted by Guy Leech
psconf.eu
💡 Be Your Own Sherlock in the Realms of Microsoft Graph
👨‍🏫 @hcritter.bsky.social – Senior System Engineer at CANCOM GmbH
🗓️ 14 Oct | #PSConfEU MiniCon
👉 Free ticket: synedgy.com/psconfeu-minicon
#PowerShell #Microsoft #Graph #automation
September 26, 2025 at 10:30 AM
guyrleech.bsky.social
If you want to quickly figure out if & where a process is writing a logfile, create a filter (ctrl l) in @SysInternals procmon for your process(es) and also Category = Write & turn off registry & network capture in the toolbar
September 26, 2025 at 1:11 PM
guyrleech.bsky.social
Any of you got experiences of packaging Adobe or AutoCAD apps into MSIX and delivering via App Attach? About to have a play myself but interested to know if others have tried. I think going App-V is probably not a sensible approach given its life expectancy.
September 26, 2025 at 11:55 AM
guyrleech.bsky.social
Need to turn %USERDNSDOMAIN% into canonical form, eg for ADSI ?

"DC=$(($env:USERDNSDOMAIN -split '\.') -join ',DC=')"
September 25, 2025 at 3:43 PM
Reposted by Guy Leech
psconf.eu
💡 #PowerShell Security: A Journey Through Time
👨‍🏫👨‍🏫 @miriamwiesner.bsky.social - Security Researcher at Microsoft & Anam Navied - Software Engineer, PowerShell team at Microsoft
🗓️ 14 Oct | #PSConfEU MiniCon
👉 Free ticket: synedgy.com/psconfeu-minicon
#automation
September 23, 2025 at 6:40 AM
guyrleech.bsky.social
London #PowerShell User Group in person Meetup is tomorrow
evening
www.meetup.com/powershell-l...
London PSUG September Meetup @ Jane Street, Wed, Sep 24, 2025, 5:30 PM | Meetup
Join us at Jane Street for this meetup! There will be drinks, food, and SWAG!!! Make sure your register here (mandatory)! **Schedule:** * 17:30 Arrival & Welcome Drinks *
www.meetup.com
September 23, 2025 at 11:41 AM
guyrleech.bsky.social
It seems that the long standing PowerShell 7.5.* bug where Out-Gridview doesn't function properly is fixed in 7.5.3! Hurrah!
github.com/PowerShell/P...
September 10, 2025 at 6:05 PM
guyrleech.bsky.social
PowerShell 7.4.12 is now available. I'll be on 7.4.* until Out-Gridview is fixed in 7.5.* although there is a new 7.5.3 release too
github.com/PowerShell/P...
Release v7.4.12 Release of PowerShell · PowerShell/PowerShell
7.4.12 Tools Add CodeQL suppressions (#25973) Build and Packaging Improvements Update .NET SDK to 8.0.413 Add LinuxHost Network configuration to PowerShell Packages pipeline (#26003) Update c...
github.com
September 10, 2025 at 5:30 PM
guyrleech.bsky.social
TIL I've been using Microsoft products since 1980 when I wrote my first lines of BASIC code which was on a Commodore PET that my late (mainframe) COBOL coding father sometimes brought back from his office
September 4, 2025 at 6:49 AM
guyrleech.bsky.social
Did you know that Entra ID SIDs start S-1-12-1 whereas (legacy?) AD domain and local normal accounts start S-1-5-21 ?
September 4, 2025 at 5:49 AM
Reposted by Guy Leech
samilaiho.com
Multiple vulnerabilities in Dell ThinOS 10
URL: www.dell.com/support/kbdo...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.6
DSA-2025-331: Security Update for Dell ThinOS 10 for Multiple Vulnerabilities | Dell US
www.dell.com
August 28, 2025 at 4:25 AM
guyrleech.bsky.social
PowerShell 1 liner to clear all event logs

Get-WinEvent -ListLog * -EA 0 -PipelineVariable log | %{ $log.LogName ; wevtutil.exe clear-log "$($log.LogName)" }
August 22, 2025 at 12:28 PM
guyrleech.bsky.social
New PowerShell script to find your geographically closest Azure location. Uses geo location so may not be accurate!
Guess which of these I ran from a Windows 365/Cloud PC instance? 😂
Will prompt for login if not connected which may need tenant or subscription parameters
github.com/guyrleech/Az...
August 20, 2025 at 3:59 PM
Reposted by Guy Leech
samilaiho.com
Ransomware Allegations Surface As Colt Outages Continue
www.databreachtoday.com/ransomware-a...
Ransomware Allegations Surface as Colt Outages Continue
British-based multinational telecom Colt Technology Services said a "cyber incident" is responsible for days-long disruptions to its customer portal and
www.databreachtoday.com
August 18, 2025 at 1:47 PM
Reposted by Guy Leech
tomwarren.co.uk
the UK government has dropped its demand for a backdoor into Apple's encryption. This could open the door for Apple to bring back its Advanced Data Protection iCloud encryption to the UK for new users www.theverge.com/news/761240/...
UK drops demand for backdoor into Apple encryption
Here’s hoping that ADP returns to the UK.
www.theverge.com
August 19, 2025 at 10:18 AM
guyrleech.bsky.social
New script, because Get-Hotfix is unhelpful, that uses Windows Update COM interface to show installed updates with various filtering options and raw/object or text output. Excludes Defender pattern updates by default

github.com/guyrleech/Mi...
August 18, 2025 at 3:13 PM
guyrleech.bsky.social
TIL that Get-Help (alias help) does not work in a remote PS session
August 18, 2025 at 2:34 PM
Reposted by Guy Leech
samilaiho.com
Telco giant Colt suffers attack, takes systems offline
www.theregister.com/2025/08/15/l...
Telco giant Colt suffers attack, takes systems offline
Updated: London-based multinational takes customer portal and Voice API platform offline as 'protective measure' following breach
www.theregister.com
August 16, 2025 at 4:50 AM
guyrleech.bsky.social
TIL the @bsky.app Android app doesn't seem to allow selection of text in messages so making copy paste ,etc impossible which is a PITA when you want to e.g. look up a name in a search engine
August 16, 2025 at 8:05 AM