Completely removing users using PS
CyberFibers
by wiredpulse
3w ago
Removing the profile and registry entry The post Completely removing users using PS first appeared on Cyber Fibers ..read more
Visit website
Teamviewer Forensic Artifacts
CyberFibers
by wiredpulse
5M ago
The average system administrator uses remote administration tools to enable them to tend to systems across their network. There are a variety of these tools available and one of them is Teamviewer. During an incident, there are several logs and artifacts of interest that are vital. Each log provides some The post Teamviewer Forensic Artifacts first appeared on Cyber Fibers ..read more
Visit website
Parsing Bitvise Logs for Analysis
CyberFibers
by wiredpulse
5M ago
The use of Secure Shell Protocol (SSH) in a network is can provide significant capabilities. It specifically enables a person to connect to a system via an encrypted shell, authenticate, and interact with a system. For this to happen, however, systems acting as clients need to have an SSH client, The post Parsing Bitvise Logs for Analysis first appeared on Cyber Fibers ..read more
Visit website
Retrieving Files You’ve Uploaded to Microsoft Teams
CyberFibers
by wiredpulse
5M ago
The use of Cloud infrastructure has substantially grown over the years. As people become more comfortable with the technology, it will certainly continue to grow. With comfortability, comes an overabundance and reliance on the use of the platforms in the Cloud. While this could be great for users and organizations, The post Retrieving Files You’ve Uploaded to Microsoft Teams first appeared on Cyber Fibers ..read more
Visit website
SRUM DB… Enhancing Forensics!
CyberFibers
by wiredpulse
5M ago
A common task within Incident Response and Digital Forensics (DFIR) is to identify any evidence of execution of something. That evidence helps to paint a story as to what took place on the machine and possibly highlight other pertinent things that may be unknown. Most commonly, this evidence can be The post SRUM DB… Enhancing Forensics! first appeared on Cyber Fibers ..read more
Visit website
Reducing SMBv3 Vulnerability Attack Surface
CyberFibers
by wiredpulse
5M ago
This week has been very interesting with Microsoft unintentionally disclosing a remote code execution vulnerability in SMB v3. This particularly affects the data compression feature within the 1903 and 1909 versions of Windows 10 and Server 2019. This left defenders everywhere in a frantic state while malicious actors worked overtime The post Reducing SMBv3 Vulnerability Attack Surface first appeared on Cyber Fibers ..read more
Visit website
Validating the Presence of an Item across multiple computers
CyberFibers
by wiredpulse
5M ago
All too often an interesting item is discovered on a system and everyone wants to know if the item exists on any other system. This could be a daunting task but this can be accomplished using PowerShell. With the location and name of the file in hand, the following can The post Validating the Presence of an Item across multiple computers first appeared on Cyber Fibers ..read more
Visit website
Parsing IIS Logs
CyberFibers
by wiredpulse
5M ago
Windows variant of a webserver is called Internet Information Services (IIS). The feature comes as part of Windows server builds but isn’t enabled but default. If you manage an IIS server, logs write to c:\inetpub\logs by default and without a tool or capability, aren’t necessarily the easiest to read. With The post Parsing IIS Logs first appeared on Cyber Fibers ..read more
Visit website
Reducing the Attack Surface for BlueKeep
CyberFibers
by wiredpulse
5M ago
It’s been a few months since the BlueKeep vulnerability was brought to light. This discovery shouldn’t be taken lightly as it allows a malicious user to gain unauthenticated access and the ability to perform remote code execution on Windows systems. The documentation on the vulnerability depicts that the following operating The post Reducing the Attack Surface for BlueKeep first appeared on Cyber Fibers ..read more
Visit website
Invoke-Fail2Ban
CyberFibers
by wiredpulse
5M ago
Anyone who has a system that is accessible on the Internet has likely had their fair share of brute force attempts. Utilizing something like Fail2ban is great because it blocks those type of attacks, providing some level of security. The downfall about Fail2ban is that it was developed for *nix The post Invoke-Fail2Ban first appeared on Cyber Fibers ..read more
Visit website

Follow CyberFibers on Feedspot

Continue with Google
OR