Securing workstations against modern threats is challenging. It seems like every week there’s some new method attackers are using to compromise a system and user credentials. Post updated on March 8th, 2018 with recommended event IDs to audit. The best way to create a secure Windows workstation is to download the Microsoft Security Compliance Manager …
Tag: Disable Windows Scripting Host (WSH)
Oct 21 2016
Securing Windows Workstations: Developing a Secure Baseline
- AppLocker, block macros, Block macros from running in Office files from the Internet, cmd, Control Local Administrator Account, Control Macros, DHCP option 43 hex 0104.0000.0002, Direct hosting of SMB over TCP/IP, Disable LLMNR, Disable NetBIOS, Disable NetSession Enumeration, Disable PowerShell version 2, Disable SMB 1, Disable Windows Scripting Host (WSH), Disable WPAD, EMET, Group Policy, jscript, KB2871997, KB3177451, Lanman Authentication, LAPS, LLMNR, Microsoft Office Macro Security, Microsoft Office Macros, mimikatz, NetCease, NTLM session security, Office 2013 macro, Office 2016 macro security, Office OLE, OLE, packager.dll, port 445, Responder, RID 500, Secure Windows Workstation, Server Message Block, SMB, Telemetry Dashboard, VBA, VBScript, WDigest, Windows 10 build image, WPAD, wscript
- 6 comments
Recent Posts
- BSides Dublin – The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations – Sean Metcalf
- DEFCON 2017: Transcript – Hacking the Cloud
- Detecting the Elusive: Active Directory Threat Hunting
- Detecting Kerberoasting Activity
- Detecting Password Spraying with Security Event Auditing
Trimarc Active Directory Security Services
Have concerns about your Active Directory environment?
Trimarc helps enterprises improve their security posture.
Find out how... TrimarcSecurity.com
Popular Posts
- PowerShell Encoding & Decoding (Base64)
- Attack Methods for Gaining Domain Admin Rights in…
- Kerberos & KRBTGT: Active Directory’s…
- Finding Passwords in SYSVOL & Exploiting Group…
- Securing Domain Controllers to Improve Active…
- Securing Windows Workstations: Developing a Secure Baseline
- Detecting Kerberoasting Activity
- Mimikatz DCSync Usage, Exploitation, and Detection
- Scanning for Active Directory Privileges &…
- Microsoft LAPS Security & Active Directory LAPS…
Categories
- ActiveDirectorySecurity
- Apple Security
- Cloud Security
- Continuing Education
- Entertainment
- Exploit
- Hacking
- Hardware Security
- Hypervisor Security
- Linux/Unix Security
- Malware
- Microsoft Security
- Mitigation
- Network/System Security
- PowerShell
- RealWorld
- Security
- Security Conference Presentation/Video
- Security Recommendation
- Technical Article
- Technical Reading
- Technical Reference
- TheCloud
- Vulnerability
Tags
ActiveDirectory
Active Directory
Active Directory Security
ActiveDirectorySecurity
ADReading
AD Security
ADSecurity
Azure
AzureAD
DCSync
DomainController
GoldenTicket
GroupPolicy
HyperV
Invoke-Mimikatz
KB3011780
KDC
Kerberos
KerberosHacking
KRBTGT
LAPS
LSASS
MCM
MicrosoftEMET
MicrosoftWindows
mimikatz
MS14068
PassTheHash
PowerShell
PowerShellCode
PowerShellHacking
PowerShellv5
PowerSploit
Presentation
Security
SilverTicket
SneakyADPersistence
SPN
TGS
TGT
Windows7
Windows10
WindowsServer2008R2
WindowsServer2012
WindowsServer2012R2
Recent Posts
- BSides Dublin – The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations – Sean Metcalf
- DEFCON 2017: Transcript – Hacking the Cloud
- Detecting the Elusive: Active Directory Threat Hunting
- Detecting Kerberoasting Activity
- Detecting Password Spraying with Security Event Auditing
Archives
- June 2024
- May 2024
- May 2020
- January 2020
- August 2019
- March 2019
- February 2019
- October 2018
- August 2018
- May 2018
- January 2018
- November 2017
- August 2017
- June 2017
- May 2017
- February 2017
- January 2017
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- July 2013
- November 2012
- March 2012
- February 2012
Categories
- ActiveDirectorySecurity
- Apple Security
- Cloud Security
- Continuing Education
- Entertainment
- Exploit
- Hacking
- Hardware Security
- Hypervisor Security
- Linux/Unix Security
- Malware
- Microsoft Security
- Mitigation
- Network/System Security
- PowerShell
- RealWorld
- Security
- Security Conference Presentation/Video
- Security Recommendation
- Technical Article
- Technical Reading
- Technical Reference
- TheCloud
- Vulnerability
Recent Comments